Tuesday, 26 August 2008

Easier JTR tut

You can download JTR at http://www.openwall.com/john if you don't have it yet !

Once downloaded, unzip it in a directory you can find easily, for example :

c:\john\

In the john folder, you will find two sub-folders : doc and run. The run folder contains the executable :

[codebox]john-386.exe or john-mmx.exe[/codebox]

Now put the passwords you want to crack (in hashed form) in a text file (e.g. pass.txt) like this :

[codebox]username:password[/codebox]


Let's begin !

I) Modes

1) Single

This mode tests all the most used combinations; it works fine and lasts just a few seconds. Try this one first. 8)

syntax :

[codebox]john -single pwdfile.txt[/codebox]


2) Word list

You can download good wordlists on http://openwall.com or by googling a bit...

syntax :

[codebox]john -wordlist:list pwdfile.txt[/codebox]

example :

[codebox]john -wordlist:C:\dico.txt pass.txt[/codebox]

3) Brute Force mode

As the title says, this mode will brute force the password, so it can last two minutes as well as centuries...

syntax :

[codebox]john -incremental:type pwdfile.txt[/codebox]


The type variable can be :

all : to test letters + numbers + special chars

alpha : to test only the letters

digits : to test only the numbers

example :

[codebox]john -incremental:alpha pass.txt[/codebox]
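To see why the same mode can finish in two minutes or run for centuries, this added example (not part of the original tutorial) computes the worst-case search time for each type. The charset sizes (10, 26, 95), the 8-character maximum length and the rate of one million guesses per second are assumptions chosen for illustration.

```python
# Added example: worst-case size of the incremental search space.
# Assumptions (not from the original post): the charset sizes, the maximum
# password length and the guess rate below are illustrative values.

CHARSETS = {"digits": 10, "alpha": 26, "all": 95}  # assumed symbols per type
GUESSES_PER_SECOND = 1_000_000                      # assumed cracking speed


def keyspace(charset_size: int, max_len: int) -> int:
    """Number of candidates of length 1..max_len over the charset."""
    return sum(charset_size ** n for n in range(1, max_len + 1))


def worst_case_seconds(charset: str, max_len: int,
                       rate: int = GUESSES_PER_SECOND) -> float:
    """Time needed to try every candidate at the given guess rate."""
    return keyspace(CHARSETS[charset], max_len) / rate


def human(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 31_536_000), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"


def report(max_len: int = 8) -> dict:
    """Worst-case duration per type for passwords up to max_len chars."""
    return {name: human(worst_case_seconds(name, max_len))
            for name in CHARSETS}


if __name__ == "__main__":
    for length in (6, 8, 10):
        print(f"max length {length}:")
        for name, duration in report(length).items():
            print(f"  {name:<6} {duration}")
```

Each extra character multiplies the work by the charset size, which is why password length and a wide character set matter more than any other policy setting.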


II) Go further

If you're lazy, you can use -w instead of -wordlist and -i instead of -incremental.
Example :

[codebox]john -i:all pass.txt[/codebox]


JTR has a default wordlist (password.lst)
example :

[codebox]john -w:password.lst pass.txt[/codebox]
