John The Ripper | Misc Options

This is the last part of the John The Ripper tutorial, and here we will discuss some of its miscellaneous features. John The Ripper can crack many types of password encryption formats. If you know which format a password is encrypted with, you can force John The Ripper to break passwords only in that format; by default it tries all possibilities.
[root@localhost run~]# ./john --format:DES password.txt (try only DES)
[root@localhost run~]# ./john --format:BSDI password.txt (try only BSDI)
[root@localhost run~]# ./john --format:MD5 password.txt (try only MD5)
[root@localhost run~]# ./john --format:BF password.txt (try only BF)
[root@localhost run~]# ./john --format:AFS password.txt (try only AFS)
[root@localhost run~]# ./john --format:LM password.txt (try only LM)
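As an added example (not part of the original tutorial): a small POSIX shell helper that reads the hash field of each passwd-format line and reports which of the format names above it matches, which helps when auditing which accounts still use a weak scheme such as DES. The function names and sample entries are constructed for illustration, the rules are the usual crypt(3) prefix and length conventions, and LM and AFS are not covered.

```shell
#!/bin/sh
# Map a passwd-style hash field to a format name used with --format above.
guess_format() {
    case "$1" in
        ''|'*'|'!'*|x)            echo none ;;      # locked, empty or shadowed
        '$1$'*)                   echo MD5 ;;       # MD5-based crypt
        '$2a$'*|'$2b$'*|'$2y$'*)  echo BF ;;        # Blowfish-based crypt
        _*)  # BSDI extended DES: '_' followed by 19 characters
            [ "${#1}" -eq 20 ] && echo BSDI || echo unknown ;;
        *)   # Traditional DES crypt: exactly 13 chars from ./0-9A-Za-z
            if [ "${#1}" -eq 13 ] &&
               ! printf '%s' "$1" | grep -q '[^./0-9A-Za-z]'; then
                echo DES
            else
                echo unknown
            fi ;;
    esac
}

# Read passwd-format lines (user:hash:...) on stdin, print "user format".
list_formats() {
    while IFS=: read -r user hash rest; do
        [ -n "$user" ] || continue
        printf '%s %s\n' "$user" "$(guess_format "$hash")"
    done
}

# Constructed sample input; these are placeholders, not real hashes.
sample_passwd() {
    cat <<'EOF'
root:$1$constrct$AAAAAAAAAAAAAAAAAAAAAA:0:0:root:/root:/bin/sh
alice:AbCdEfGhIjKlM:1000:100:Alice:/home/alice:/bin/sh
bob:_J9..SaltAbCdEfGhIjK:1001:100:Bob:/home/bob:/bin/sh
carol:$2a$05$CONSTRUCTEDCONSTRUCTEDCONSTRUCTEDCONSTRUCTEDCONSTRUCT:1002:100::/home/carol:/bin/sh
daemon:*:1:1:daemon:/:/sbin/nologin
EOF
}

sample_passwd | list_formats
```

Accounts reported as DES or BSDI are the ones to move to a stronger scheme first; entries reported as unknown are best left to John's own detection.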
The next similar option is mode. Mode is an advanced user option: by using it you tell John The Ripper to use your own configuration file rather than the default one. The default file is located in the /run directory of the John The Ripper folder and is named john.conf. You need to know a little about the C programming language to create a new configuration file; give it whatever name you want and save it with the .conf extension.
Please note that if you make any mistake while writing this file, it will be your fault if John The Ripper takes too long to break a simple password or fails to break it at all. Don't mess with it until you really know how to handle it. The default file is already very strong at breaking passwords, so it is better not to touch that option. By the way, here's how you can use it:
[root@localhost run~]# ./john --mode:new_conf_file_name password.txt
To learn how to create a custom conf file, read the MODES and CONF files in the /doc folder of the John The Ripper directory.
Customizing Output:
As I told you before, the users with locked sessions are stored in the /etc/expired file, but that's not always the case. Many people prefer to give the name expired to the locked user sessions file, but there's no guarantee you will find the locked session file under the same name on every system. By the way, while getting output you can specify that you don't wish to see locked users' passwords:
[root@localhost run~]# ./john --show --shells=-locked_session_file password.txt
By adding the '-' sign you tell John The Ripper to negate the users specified in locked_session_file while showing output. If you don't have a locked user session file, you can manually list user names to get results:
[root@localhost run~]# ./john --show --shells=-user1,user2,…usern password.txt
It is also capable of showing you only the passwords of the user accounts and groups you want to know about. Have a look at the following commands:
[root@localhost run~]# ./john --show --users=root password.txt
Shows only users with root privileges
[root@localhost run~]# ./john --show --groups=0,1 password.txt
Shows only passwords of users with group ID (GID) 0 and 1. Now you might ask whether you can use this kind of customization while password cracking. The answer is surely yes:
[root@localhost run~]# ./john -w=password.lst --groups=0,1 password.txt
[root@localhost run~]# ./john --show --users=root password.txt
Lastly, if you think John The Ripper is adding CPU overhead while cracking passwords, open the configuration file and change IDLE = 'N' to IDLE = 'Y'.
Here ends the final chapter of the John The Ripper tutorial. If you still have any problems, don't hesitate to ask. Thanks for reading, keep visiting.
