Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 20 Dec 2016 21:11:06 +0000
From: Darren Rhodes <>
Subject: Re: Bruteforce auto-generated md5crypt

Not sure on the dump-force, but incremental can be specified which means 
it doesn't do single and wordlist first!

I use it all the time! The best way I have found to use it (so not to 
have to create your own .chr files) is with crunch piping output to it 
(as if it was a word file).

my typical command line looks like this (for wpa but adjustable to any):

crunch 10 10 abcdef23456789 -d 2@ -d 2%  -s aabc5e8638 | john -stdin 

crunch is an excellent tool to create "on the file" brute for password 
lists and by piping it directly to John you don't need to same huge 
files.  It also allows you to 'adjust' what characters you wish to use.

my crunch command above says:

crunch <min-word-length> <max-word-length> <characters to use> <no more 
than two the same characters next to each other> <no more than two 
numbers next to each other>

I do use the --incremental mode in John on its own, but you have to 
build a character table (a .chr file) which gets a bit convoluted and 
John insists on ordering the characters in what it thinks is the most 
important.  using crunch instead will allow you to not only specify what 
characters to use but in which order.

i.e. you could specify 012345qwerty456 and it would cycle through the 
characters in that order in that order starting at 0000000000 and ending 
at 6666666666

have fun which ever way you go ;)

On 20/12/16 03:45, Xender Cage wrote:
> Thanks for the reply, Rich and Darren.
> I think, dump-force is the best suitable options for me.
> How do I force john to switch to "dump-force" mode?
> The Incremental doesn't suit in this case, because as I said it first use
> the word-list and make a hybrid attack first.
> It is "$john --incremental mypasswd".
> On Tue, Dec 20, 2016 at 3:57 AM, Darren Rhodes <> wrote:
>> Hi Xender,
>> The brute force mode is actually called incremental mode
>> john --incremental mypasswd
>> On 19/12/16 09:12, Xender Cage wrote:
>>> Hi,
>>> I'm kind of having a headache trying to figure out how to put the john
>>> into
>>> bruteforce mode.
>>> I'm trying to recover the md5crypt password.
>>> It's used with generator and it generate all kind of printable char in the
>>> password.
>>> The problem is "How can I put the john to the bruteforce mode?" and not a
>>> hybrid mode.
>>> Because john start to crack with words and usually using sequence digits
>>> which is used to crack the human set password.
>>> For an example, it gave password like !4#25L but john crack with
>>> mdedne..mdedia which is obviously not in this case.
>>> Please help me.
>>> I spend nearly a week and it's still using "dytyr..dyte1" like password.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.