Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Thu, 18 Aug 2016 10:59:50 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: how to use John to create more complex passwords

On Thu, Aug 18, 2016 at 10:04 AM, Liyan Cao <lcao@...ollege.com> wrote:
> Hi, Rich,
> Thank you!
> I got below error. I'm using "John the Ripper 1.8.0 (sources, tar.xz, 4.3 MB)". Any suggestions?
>
> $ ./john -w=mypasswd.lst -rules=single -stdout
> Extra parameter for option: "-rules=single"
>
You will want to download and compile the latest version of John, the
Jumbo version on Github
https://github.com/magnumripper/JohnTheRipper/
If you know hot to use git too: git clone
https://github.com/magnumripper/JohnTheRipper/
cd into the src directory and use ./configure && make clean && make

There are also some premade and user contributed versions you may want
to try that are more modern than 1.8.0, but none as updated as the GIT
repo.
http://openwall.info/wiki/john/custom-builds
-rich
> -----Original Message-----
> From: Rich Rumble [mailto:richrumble@...il.com]
> Sent: Thursday, August 18, 2016 9:38 AM
> To: john-users@...ts.openwall.com
> Subject: Re: [john-users] how to use John to create more complex passwords
>
> On Wed, Aug 17, 2016 at 9:22 PM, Liyan Cao <lcao@...ollege.com> wrote:
>> Hi,
>> I'd like to run John with a password list file to create another file with the passwords at least 8 alphanumeric characters.
>> Can you give me a sample with the syntax?
>> For example :
>> Inside the password.lst, I have:
>> Security
>> I'd like the new password file to have the words generated from Security:
>> Security123
>> Secur1ty
>> SECURITY
>> How do I do that?
>
>
> the --stdout feature should work:
> john -w=password.lst -rules=single -stdout The output from that command could be very large depending on how many lines you have in your password.lst file so if your redirecting that output to a file ( >output.txt) it could get quite large.
> You can write your own rules (see RULES in the DOC folder) as well and then specify them instead of the built in rules like "single", "nt", "wordlist" etc..
>
> If you have a password "policy" you want john to use, you can use the external filter or create your own external filter
>
> john -external=policy -w=password.lst -rules=single -stdout
>
> That default policy above is 1 upper, 1 lower and 1 digit, 8 or more in length. If you want specials to be included, the external filter in john.conf will have to be changed to include that.
>
> You can also use the mask mode to append to your wordlist john -stdout -w=password.lst -mask=?w?s?d?d -min-length=5
>
> See MASK doc's for more examples. You can even apply the external filters to that command too :) This too will create a lot of data...
> -rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.