Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 11 Dec 2016 09:47:52 +0100
From: Patrick Proniewski <>
Subject: Re: Need a little help cracking one password


On 11 déc. 2016, at 06:43, Robert Moskowitz wrote:

> It just so happens that I used the same password on another server, and created a passwd file with the one entry.  I am running the John that comes with Fedora 22, the docs cay it is 1.10 2013/05/29.

I'm not sure this 1.10 version of JtR exists. It probably should be 1.8.x.
2013 sounds a bit old, you might want to install a more current version, and even to compile a Jumbo version.

> John has been crunching away for 20 days on a Lenovo x120e notebook without finding the password.  Well I know a few things about this password and I would like to instruct John o be selective on what it tries.  But I am a bit of a hack and need so hand-holding on how to alter /etc/john.conf (or make another) that will target the password.
> I know the password is 10 characters long.
> I know that the first position is either 'x' or 'X'.
> The second is a digit, as is the third.
> The forth is alpha, and I don't know the case.
> The fifth is either 'q' or 'Q'
> and soforth (either digit, some alpha, or a specific alpha of either case)

With a recent Jumbo version, you can use --mask attack mode: 

./john -1=[?u?l?d] --mask=[xX]?d?d?[a-zA-Z][qQ]?1?1?1?1?1 /path/to/passwdfile

(I'm not sure for the non-Jumbo version, but it might work too).


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.