John the Ripper/Password Generation
From charlesreid1
The Basics of Password Generation with John
This page will walk through some basic password cracking with John the Ripper. We'll go from wanting to test certain passwords to being able to generate a stream of them with John the Ripper. This is important to be able to do, so that we don't need to devote gigabytes of disk space to word files. Intelligent use of patterns can save us a whole lot of headaches.
John and Stdout
Note that if you're using Kali 2.0, you'll need to install John jumbo 1.8 from source, instead of using the Kali 2.0 repository version of John, if you want to send John's password guesses to stdout (or pipe them to aircrack).
Rules and Modes
Rules and modes are ways of telling John how to guess passwords. John can be simplistic, only testing passwords that are in the wordfile, or sophisticated, doing letter/number substitutions, etc.
This page is going to cover some basic rules and modes for guessing passwords in John. We'll figure out how to start with low-hanging fruit, in terms of password guesses, and implementing those in John the Ripper.
Rules
Rules are specified in the John configuration file /etc/john/john.conf and are ways of using a wordlist to generate password variations.
Here's an example of a rule:
[List.Rules:KoreLogicRulesAppendYears] cAz"19[0-9][0-9]" Az"19[0-9][0-9]" cAz"20[01][0-9]" Az"20[01][0-9]"
The rule is named KoreLogicRulesAppendYears.
 |
john the ripper password generator and all-around cracking tool.
Testing John: John the Ripper/Benchmarking Using John on Password generation using rules and modes: John the Ripper/Password Generation Installing some useful password rules: John the Ripper/Rules Using John to feed password guesses to Aircrack: Aircrack and John the Ripper John the Ripper on AWS: Ubuntu/Barebones to JtR Getting Passwords from John: John the Ripper/Password Recovery
|