1 John the Ripper's command line syntax. 2 (Updated in/for the Jumbo patch by JimF and magnum) 3 4When invoked with no command line arguments, "john" prints its usage 5summary. 6 7The supported command line arguments are password file names and 8options. Many of the supported options accept additional arguments. 9 10You can list any number of password files right on the command line of 11"john". You do not have to specify any options. If valid password 12files are specified but no options are given, John will go through 13the default selection of cracking modes with their default settings. 14 15Options may be specified along with password files or on their own, 16although some require that password files be specified and some do not 17support operation on password files. 18 19All options are case sensitive, can be abbreviated as long as the 20abbreviations are unambiguous, can be prefixed with two dashes 21(GNU-style) or with one dash, and can use "=" or ":" to indicate an 22argument (if supported for a given option). 23 24The supported options are as follows, square brackets denote optional 25arguments: 26 27--single[=(SECTION[,SECTION2,....,SECTIONn]|:rule)] "single crack" mode 28 29Enables the "single crack" mode, using rules from the configuration 30file section [List.Rules:Single]. If --single=Single_2 then the rules 31from [List.Rules:Single_2] section would be used. A rule or set of rules 32(including with pre-processor) can also be provided directly on the 33command line. See --rules for more details. 34 35--single-seed=WORD[,WORD][,...] 36 37Add static word(s) for all salts in single mode. Adding e.g. "Rockyou" 38will have the same effect as having that word in all gecos fields in the 39whole input file (except the latter would eat memory). 40 41--single-wordlist=FILE 42 43Same as --single-seed except words are read from a wordlist file. 44 45--wordlist[=FILE] wordlist mode, read words from FILE, 46--stdin or from stdin 47--pipe much like stdin, but supports rules 48 49These are used to enable the wordlist mode. If FILE is not specified, 50the one defined in john.conf will be used. 51 52--dupe-suppression suppress all duplicates from wordlist 53 54Normally, consecutive duplicates are ignored when reading a wordlist file. 55This switch enables full dupe suppression, using some memory and a little 56extra start-up time. This option implies preload regardless of file size, 57see the --mem-file-size option. 58 59--loopback[=FILE] use (a) pot file as a wordlist 60 61This mode implies --dupe-suppression. This is a special variant of wordlist 62mode. Parse the file as a .pot file, so only the actual password part of 63each line will be used. If FILE is not specified, the active .pot file will 64be used. This is very effective for applying rules to further permute words 65that has been successful, or without rules after a run using --salts in case 66the cracks are successful on other salts than the ones that has already been 67attacked. Note that by default, some rules are applied too (see john.conf 68"LoopbackRules"). To disable that for a run, just use --rules=none. 69 70--encoding=NAME 71 72Input data in a character encoding other than the default. See also 73doc/ENCODINGS. --list=encodings gives a list of supported encodings. 74 75--rules[=(SECTION[,..]|:rule[;..])] 76 77Enables word mangling rules that are read from the specified section, which 78defaults to [List.Rules:Wordlist] if not given. 79 80A rule or set of rules (including with pre-processor) can also be provided 81directly on the command line. To do so, first letter following the = must be 82: then the rest of the command argument is interpreted as the literal data 83for the rule(s) itself. Multiple rules can be provided. Each rule should be 84separated with a semicolon (;) character. So --rules=:'$[a-z]$[0-9];u' will 85use the 2 rule lines: $[a-z]$[0-9] and u 86 87When rules are entered on the command line, any time a semicolon is used IN 88a rule, then it must be preceded by a \ character, to escape it. 89So --rules::'$\;$[0-9]' is just one rule, while --rules=:'$\;$[0-9];Az"tst"' 90is two rules, and --rules=:'$;$[0-9]' would 'try' to generate 2 rules, BUT 91the first will be invalid since it is just the $ character. 92 93--rules-stack=(SECTION[,..]|:rule[;..]) 94 95Stacked rules. Adds a second pass of rules, applied after normal processing. 96Example: "--single --rules-stack=ShiftToggle" will run single mode's normal 97rules fully through the first (no-op) rule in the toggle ruleset. Only then 98will the latter set move on to its second rule, the main rules are rewinded, 99and so on. In other modes, eg. "--wordlist --rules --rules-stack=best64", 100the stacked rules (best64 in this case) will do a full pass before the 101base rule moves to its second rule. This option also works fine with ALL 102modes that normally don't support rules at all, eg. "--mask=password?d?d?d 103--rules-stack=KoreLogic" (although that will disable any GPU-side mask 104accleration). You can even use --wordlist --rules-stack=SomeRule without 105using any base rule. The difference is in how it iterates: Normal --rules 106will run all words through the first rule before moving the second rule, 107while --rules-stack will apply all rules to the first word before moving on 108to the second word from the list. Please note that when using (rule x rule) 109you very quickly end up with huge numbers of rules: Running the "all" 110ruleset twice as "--rules=all --rules-stack=all" will produce a whopping 11153 trillion rules. This feature is best used with very carefully picked 112rulesets that are made to work together. 113 114 115--incremental[=MODE] "incremental" mode [using section MODE] 116 117Enables the "incremental" mode, using the specified configuration file 118definition (section [Incremental:MODE]). If MODE is omitted, the 119default is "ASCII" for most hash types and "LM_ASCII" for LM hashes. 120 121--external=MODE external mode or word filter 122 123Enables an external mode, using external functions defined in section 124[List.External:MODE]. 125 126--stdout[=LENGTH] just output candidate passwords 127 128When used with a cracking mode, except for "single crack", makes John 129output the candidate passwords it generates to stdout instead of 130actually trying them against password hashes; no password files may 131be specified when this option is used. If a LENGTH is given, John 132assumes that to be the significant password length and truncates 133longer words (like a few formats, eg. DEScrypt, do). If you instead 134say --max-length=LENGTH, longer candidates will instead be rejected. 135 136--restore[=NAME] restore an interrupted session 137 138Continues an interrupted cracking session, reading state information 139from the specified session file or from $JOHN/john.rec by default. 140 141--session=NAME give a new session the NAME 142 143This option can only be used when starting a new cracking session and 144its purpose is to give the new session a name (to which John will 145append the ".rec" suffix to form the session file name). This is 146useful for running multiple instances of John in parallel or to be 147able to later recover a session other than the last one you interrupt. 148john.log file will also be named NAME.log (whatever 'NAME' is), so 149that any logging of the session work will end up in this file. 150 151--status[=NAME] print status of a session [called NAME] 152 153Prints status of an interrupted or running session. Note that on a 154Unix-like system, you can get a detached running session to update its 155session file by sending a SIGHUP to the appropriate "john" process; 156then use this option to read in and display the status. 157 158--make-charset=FILE make a charset, overwriting FILE 159 160Generates a charset file based on character frequencies from 161$JOHN/john.pot, for use with the "incremental" mode. The entire 162$JOHN/john.pot will be used for the charset generation by default. You 163may restrict the set of passwords used by specifying some password files 164(in which case only the cracked passwords that correspond to those 165password files will be used), "--format", or/and "--external" (with an 166external mode that defines a filter() function). Note that you can 167combine this with the --pot=FILE option. 168 169--show[=left] show cracked passwords 170 171Shows the cracked passwords for given password files (which you must 172specify). You can use this option while another instance of John is 173cracking to see what John did so far; to get the most up to date 174information, first send a SIGHUP to the appropriate "john" process. 175If --show=left then all uncracked hashes are listed (in a John 'input' 176file format way). =left is just that literal string "=left". When 177using --show=left you normally need to supply the --format option too. 178 179--show=formats parse hashes and show meta-information in JSON 180--show=types or in old custom format 181 182Shows the formats/types of input hashes contained in the input file. 183See doc/SHOW_FORMATS.md 184 185--show=invalid show lines in the input file that fail valid() 186 187Shows the input hash lines which fail the valid() function (ie. these 188hashes have something wrong with them and would not be processed). 189When using this mode, you will want to run against a solid file, 190that is made up of just one type hash. Also, the --format=xx flag 191is not required, but if not used, then the first valid line of the 192file will be used as the format type. 193 194--test[=TIME] run tests and benchmarks for TIME seconds each 195 196Tests all of the compiled in hashing algorithms for proper operation and 197benchmarks them. The "--format" option can be used to restrict this to 198a specific algorithm. Using --test=0 will do a very quick self-test but 199will not produce any speed figures. 200 201--stress-test[=TIME] continuous self-test 202 203Perform self-tests just like with --test except it loops until failure or 204until aborted by user. This is mostly for debugging. 205 206--skip-self-tests skip self tests 207 208Tells John to skip self tests. Basic integrity checks will be done but test 209vectors will not be verified. This option is useful to run many small 210attacks in a row against slow hashes. Usually it is not needed. It affects 211--test option: --skip-self-tests and --test together perform only benchmarks. 212 213--users=[-]LOGIN|UID[,..] [do not] load this (these) user(s) 214 215Allows you to select just a few accounts for cracking or for other 216operations. A dash before the list can be used to invert the check 217(that is, load information for all the accounts that are not listed). 218 219--groups=[-]GID[,..] load users [not] of this (these) group(s) 220 221Tells John to load (or to not load) information for accounts in the 222specified group(s) only. 223 224--shells=[-]SHELL[,..] load users with[out] this (these) shell(s) 225 226This option is useful to load accounts with a valid shell only or to 227not load accounts with a bad shell. You can omit the path before a 228shell name, so "--shells=csh" will match both "/bin/csh" and 229"/usr/bin/csh", while "--shells=/bin/csh" will only match "/bin/csh". 230 231--salts=[-]N[:MAX] load salts with[out] at least N passwords 232 233This is a feature which allows to achieve better performance in some 234special cases. For example, you can crack only some salts using 235"--salts=2" faster and then crack the rest using "--salts=-2". Total 236cracking time will be about the same, but you will likely get some 237passwords cracked earlier. If MAX is listed, then no hashes are 238loaded where there are more than MAX salts. This is so that if you 239have run --salts=25 and then later can run --salts=10:24 and none of 240the hashes that were already done from the --salts=25 will be re-done. 241 242--costs=[-]Cn[:Mn][,...] load salts with[out] cost value Cn [to Mn] 243 for tunable cost parameters 244 (comma separated values/ranges per param.) 245 246The option --cost= can be used to crack only hashes with similar 247tunable costs, to avoid a slowdown caused by expensive cost parameter 248settings of some hashes if there are other hashes which are less 249expensive to compute. 250This feature allows you to focus on salts with lower cost values first. 251For formats with different tunable costs, you can specify a comma 252separated list of values/ranges. 253 --cost=-2 (cost of first cost parameter must be smaller than 2) 254 --cost=2,10:20 (cost of 1st parameter is >= 2, of 2nd between 10 and 20) 255 --cost=0,10:20 (first cost parameter ignored, 2nd between 10 and 20) 256 --cost=0,-3 (first cost parameter ignored, 2nd smaller than 3) 257Few formats have more than one tunable cost parameter. Many saltless hashes 258and several salted hashes lack any tunable cost parameters. For these, a 259dummy cost of 1 is reported. 260The --list=format-details and --list=format-all-details options will 261list the tunable cost parameters supported by a given format. 262 263--pot=NAME pot filename to use 264 265By default, John will use john.pot. This override allows using a different 266john.pot-like file (to start from, and to store any found password into). 267 268--save-memory=LEVEL enable memory saving, at LEVEL 1..3 269 270You might need this option if you don't have enough memory or don't 271want John to affect other processes too much or don't need it to load 272and print login names along with cracked passwords. Level 1 tells John 273not to waste memory on login names; it is only supported when a cracking 274mode other than "single crack" is explicitly requested. It has no 275negative performance impact - in fact, it sometimes speeds things up. 276Please note that without the --save-memory=1 option (or higher), John 277will waste some memory on potential login names even if the password 278hash files don't happen to contain any login names. (The complete lack 279of login names isn't known to John when it starts parsing the files, so 280it has to record the fact that each individual entry doesn't have a 281login name unless you specify this option.) Levels 2 and 3 reduce use 282of performance optimizations involving large lookup tables, and thus 283have a negative performance impact. You should probably avoid using 284them unless John doesn't work or gets into swap otherwise. 285 286--node=MIN[-MAX]/TOTAL this node's number range out of TOTAL count 287 288This option is intended to allow for some trivial manually-configured 289parallel and distributed processing. For example, to split the workload 290across two nodes (which could be machines, CPU cores, etc.), you'd 291specify "--node=1/2" on one invocation of John and "--node=2/2" on the 292other. (If you do this on just one machine and with the same build of 293John, you will also need to specify different "--session" names for the 294two simultaneous invocations.) The nodes are assumed to be same speed 295(if this is not the case, one will get ahead of the other and is likely 296to be done sooner, unless you're using a cracking mode and settings such 297that the session is not expected to ever "complete" - which is fine.) 298If your nodes are of very different speed, you may compensate for that 299by allocating ranges of node numbers to individual invocations. For 300example, if you use OpenMP-enabled builds of John on two machines, 301OpenMP is supported (with good scalability) for the hash type you're 302cracking, and one of the machines has twice more of similar speed CPU 303cores than the other, then you may use "--node=1-2/3" on the twice 304bigger machine (let it be nodes 1 and 2 out of 3 nodes total) and 305"--node=3/3" on the smaller one. 306 307Efficiency of this approach to parallel processing, as currently 308implemented, varies by cracking mode and its settings (efficiency is 309higher for incremental mode and for wordlist mode with many rules, and 310lower for other cracking modes and for wordlist mode without rules or 311with few rules), hash type (efficiency is higher for slower to compute 312hashes), salt count (efficiency is higher for higher salt counts), and 313node count (efficiency is higher for lower node counts). Scalability 314may be limited. The highest node count you can reasonably use varies by 315cracking mode, its settings, hash type, and salt count. With 316incremental mode, efficiency in terms of c/s rate is nearly perfect 317(there's essentially no overhead), but some nodes may currently receive 318too little work - and this problem is exacerbated by high node counts 319(such as 100 or more) and/or restrictive settings (such as MinLen and 320MaxLen set to the same value or to a narrow range, and/or a charset file 321with few characters being used). With wordlist mode, for high 322efficiency the rule count (after preprocessor expansion) needs to be 323many times higher than node count, unless the p/s rate is low anyway 324(due to slow hash type and/or high salt count). 325 326Since there's no communication between the nodes, hashes successfully 327cracked by one node continue being cracked by other nodes. This is 328mostly OK for saltless hash types or when there's just one salt (since 329the same number of hash computations is to be made anyway - namely, only 330one per candidate password tested), but it is a serious drawback when 331many different salts are present and their number could potentially be 332decreasing as some hashes get cracked. 333 334--fork=N fork N processes 335 336This option is only available on Unix-like systems. It is an easy way 337to make use of multiple CPUs or CPU cores - you simply specify the 338number of John processes that you'd like to run. You may use "--fork" 339as an alternative to OpenMP, for formats currently lacking OpenMP 340support, or/and along with OpenMP (e.g., on a machine with 64 logical 341CPUs you might choose to run with "--fork=8" for 8 processes and use 342OpenMP to run 8 threads per process). 343 344You may use "--fork" along with "--node" to use multiple machines while 345also running multiple John processes per machine. For example, to use 346two similar 8-core machines you may run "--fork=8 --node=1-8/16" on one 347of the machines and "--fork=8 --node=9-16/16" on the other. For a more 348complicated example, if you have an 8-core machine and a 64-core machine 349with similar per-core performance, you could run an OpenMP-enabled build 350on both of them and use "--node=1/9" (without "--fork") on the first 351machine (8 threads in 1 process) and "--fork=8 --node=2-9/9" on the 35264-core machine (8 threads in 8 processes, for 64 threads total on this 353machine). With the current implementation, the node numbers range 354assigned to each John invocation must match the "--fork" process count. 355 356When running with "--fork", multiple ".rec" files are created, which are 357then read back by "--status" and "--restore" if you use those options. 358Just like with other options, you must not specify "--fork" along with 359"--status" or "--restore", because these read the main (unnumbered) 360".rec" file first, which contains the right "--fork" option in it, 361resulting in further (numbered) ".rec" files being read as appropriate. 362 363Under the hood, "--fork" makes use of the same functionality that 364"--node" does, so the same efficiency and scalability limitations apply. 365Despite of those, "--fork" is often much more efficient than OpenMP - 366especially for fast to compute hash types (such as LM hashes), where 367OpenMP overhead is often unacceptable. 368 369Similarly to "--node", there's almost no communication between the 370processes with "--fork". Hashes successfully cracked by one process 371continue being cracked by other processes. Just like with "--node", 372this is mostly OK for saltless hash types or when there's just one salt, 373but it is a serious drawback when many different salts are present and 374their number could potentially be decreasing as some hashes get cracked. 375To have the cracked hashes (and possibly salts) removed from all 376processes, you may interrupt and restore the session once in a while. 377 378--format=NAME force hash type NAME 379 380Allows you to override the hash type detection. As of John the Ripper 381version 1.8.0, valid "format names" are descrypt, bsdicrypt, md5crypt, 382bcrypt, LM, AFS, tripcode, dummy, and crypt (and many more are added in 383Jumbo). You can use this option when you're starting a cracking session 384or along with one of: "--test", "--show", "--make-charset". Note that 385John can't crack hashes of different types at the same time. If you 386happen to get a password file that uses more than one hash type, then 387you have to invoke John once for each hash type and you need to use this 388option to make John crack hashes of types other than the one it would 389autodetect by default. Mainly for test and list purposes (see --list=WHAT), 390you can use group aliases "dynamic", "cpu", "gpu", "opencl" and "cuda" 391as a format name, or use one wildcard, as in "--format=mysql-*", 392"--format=raw*ng" or "--format=*office". There's also a special way 393to match any substring within the "algorithm name" (the string shown 394within brackets, e.g. "[DES 128/128 AVX-16]" using @tag syntax as in 395e.g. "--format=@DES" or "--format=@AVX". Regardless of method, the 396matching ignores case. 397 398"--format=crypt" may or may not be supported in a given build of John. 399In default builds of John, this support is currently only included on 400Linux and Solaris. When specified (and supported), this option makes 401John use the system's crypt(3) or crypt_r(3) function. This may be 402needed to audit password hashes supported by the system, but not yet 403supported by John's own optimized cryptographic routines. Currently, 404this is the case for glibc 2.7+ SHA-crypt hashes as used by recent 405versions of Fedora and Ubuntu, and for SunMD5 hashes supported (but not 406used by default) on recent versions of Solaris. In fact, you do not 407have to explicitly specify "--format=crypt" for hashes of these specific 408types unless you have other hash types (those supported by John 409natively) in the password file(s) as well (in which case another hash 410type may get detected unless you specify this option). 411 412When benchmarking "--format=crypt", it will default to benchmark DES. 413The "--subformat=TYPE" can be added for benchmarking other types, given 414they are supported by the system. Currently supported TYPEs are 415md5crypt, bcrypt, sha256crypt and sha512crypt. 416 417"--format=crypt" is also a way to make John crack crypt(3) hashes of 418different types at the same time, but doing so results in poor 419performance and in unnecessarily poor results (in terms of passwords 420cracked) for hashes of the "faster" types (as compared to the "slower" 421ones loaded for cracking at the same time). So you are advised to use 422separate invocations of John, one per hash type. 423 424--mem-file-size=SIZE max. size of wordlist to preload into memory 425 426For performance reasons, Jumbo preloads the wordlist file into memory instead 427of reading line by line, when rules are in use. The default max. size file 428for this to happen is shown in --list=hidden-options. A special value is 429--mem-file-size=0. This will force loading to memory regardless of file size 430(take care not to exceed your physical memory limits, or things will just run 431much slower). NOTE if --save-memory > 2, default preload will be disabled. 432 433--field-separator-char=c Use 'c' instead of ':' as field separator 434 435This option allows for using an arbitrary character that doesn't interfere 436with field contents. A popular alternative is using the TAB character and 437this has special parsing (write it, literally, as --field-separator-char=tab). 438Other non-printable characters can be written in hex \xHH notation (the TAB 439character can also be specified with --field-separator-char=\x09). Note that 440a side effect is that the pot file will get this field separator too. 441 442--fix-state-delay=N only determine the wordlist offset every N times 443 444This is an optimization for wordlist mode which helps on some systems. This 445just limits the number of times that the ftell() call is performed. The one 446side effect is that if John is aborted and later restarted it may redo more 447tests. Thus, the use of this option is only sensible desirable for very fast 448hash types. 449 450--no-log disable log file 451 452This will turn off logging to file (default john.log) in case you are sure 453you wont need it. The log can sometimes become huge (such as when working 454with many 'fast' rules on a fast format). The older name --nolog is 455deprecated but will continue to work until next release. 456 457--log-stderr 458 459Log to screen (stderr) instead of to file. 460 461--bare-always-valid=C 462 463Normally, dynamic mode will only load hashes with tags in the input file (for 464example, $dynamic_0$368dc60082c8b47e697826b282b94e3d) or when a specific format 465is requested (eg. --format=dynamic_0). If C is 'Y' or 'y', then the dynamic 466format will always treat bare hashes as valid. You can permanently enable this 467option by editing john.conf and setting "DynamicAlwaysUseBareHashes". 468 469--crack-status show status line on every crack 470 471This will automagically emit a status line at every cracked password. This is 472mostly for testing. 473 474--progress-every=N emit a status line every N seconds 475 476This will automagically emit a status line every N seconds. This is mostly 477for testing. 478 479--mkpc=N force min/max keys per crypt to N 480 481This option is for certain kinds of testing. There is a performance impact. 482Many formats perform the crypts in batches of several (sometimes thousands or 483even tens of thousands) candidates. This option forces it down from the 484format's default. For most purposes, you would use 1. One good example is for 485studying which rules give most "hits": Without this options, you can't know for 486sure which rule produced a successful guess when analyzing the log file. 487 488--min-length=N request a minimum candidate length in bytes 489--max-length=N request a maximum candidate length in bytes 490 491These options limit the length of candidates that will be tried. In wordlist 492mode (after applying rules, if any), a word that is not within the requested 493limits will be rejected (as opposed to truncated). Most other modes also 494honour these settings. For example, you can fully exhaust a short keyspace 495with incremental mode with e.g. --max-len=4 and then start a longer session 496for the rest with --min-length=5, or use one core for lengths up to 8 and 497other cores for exact lengths of 9, 10 and so on. 498Note: With UTF-8 encoding and no internal codepage, non-ASCII characters will 499use more than one byte. 500 501--max-run-time=[-]N 502 503Gracefully exit after N seconds. If you resume it, it will run for another N 504seconds and exit again. 505If a negative value is specified, John will run for N seconds after the last 506crack, ie. each cracked password will reset the timer. 507 508--max-candidates=[-]N 509 510Gracefully exit after N candidates were tried. If you resume it, it will run 511for another set of N candidates and exit again. Note that some formats will 512process candidates in "batches" of a few, or many, candidates so the number 513may well be overshot by some amount. 514If a negative value is specified, John will process N candidates after the 515last crack, ie. each cracked password will reset the counter. 516 517--keep-guessing search for alternative plaintexts 518 519Some formats has plaintext collisions. That means some (or many) different 520plaintexts will result in the same hash, so are equally valid. It may be due 521to a design flaw as in BFEgg, or due to limited hash size as in CRC-32 - or 522artificially limited keyspace as in Office formats before 2007 (a good sized 523key is truncated to 40-bit on purpose - thank you Microsoft). When this option 524is used a successful crack will not result in that hash being removed from 525further cracking, so you can use it to find alternative plaintexts. 526 527--reject-printable reject printable binaries 528 529This esoteric option can be used to filter out many bogus hashes. It only 530works well with not too small binary sizes. Rejected hashes are printed (as 531text) to stderr. It may fail to work with some formats that e.g. reverse 532steps. A good example of that is it does not work with raw-md5 format, but 533works fine with dynamic_0 (which is also raw MD5 but less optimized). An 534example of hash that would be rejected is 6d61676e756d474747476d61676e756d 535which is hex of the ASCII string "magnumGGGGmagnum" and not very likely 536a real hash. You'd be surprised what you can find in some dumps. 537 538--verbosity=N change verbosity 539 540Make John more verbose, or less verbose. Default level is 3. For example, 541level 2 will mute the extra messages (device, work sizes etc) printed by 542OpenCL formats and level 1 will mute printing of cracked passwords to screen. 543 544--list=WHAT list capabilities 545 546This option can be used to gain information about what rules, modes etc are 547available. Use --list=help for a list of valid arguments. 548If information about formats is requested, a --format=[NAME|CLASS] option 549can be used in addition to --list=WHAT. 550If an additional option --config=FILE 551 552--list=externals List all external modes/filters 553--list=ext-modes List external modes [has a generate()] 554--list=ext-filters List external filters, including modes with a filter 555--list=ext-filters-only List external filters [lacks a generate()] 556--list=ext-hybrids List external hybrid modes [has a new()] 557--list=formats List all the supported formats in the sequence they 558 are registered (this is also the sequence that will 559 be used to identify the first format which detects 560 a valid ciphertext (password hash) in the input file 561 if John is started without the --format=NAME option) 562--list=format-details List all the supported formats in the same sequence 563 as with --list=formats, but with additional details 564 (which might be more interesting for developers than 565 for regular users), machine-parsable. Fields: 566 -format label 567 This is to be used as NAME in --format=NAME 568 -maximum supported password length in bytes 569 For performance reasons, the maximum length 570 supported by John the Ripper can be shorter than 571 the maximum length supported by the application 572 which uses this format 573 -minimum keys per crypt 574 -maximum keys per crypt 575 -format flags 576 -number of hard coded test cases for --test 577 -algorithm name 578 -format name 579 -benchmark comment 580 -benchmark length 581 -binary size 582 -salt size 583 -example ciphertext 584 (the individual columns are separated by [tab]) 585--list=format-all-details List all the supported formats and their attributes 586 in the same sequence as with --list=format-details, 587 but in a more descriptive form readable by humans 588--list=format-methods[:WHICH] 589 List all methods which are NOT default for each 590 format. If 'WHICH' is set, then this listing 591 will ONLY be formats which have the 'WHICH' format 592 overridden. 593--list=format-tests List all format specific tests 594 (format name, number, hash, password) 595 If a format uses encoding specific tests, you can 596 use --encoding=NAME as an additional option to see 597 these encoding specific tests. 598 If a ciphertext contains line feeds or the separator 599 character (horizontal tab), just the format name and 600 the test number are written. If the password has 601 line feeds, it will not be written. 602 (A warning message is written to stderr in this case) 603--list=subformats List all the built-in dynamic formats 604 605--regen-lost-salts=type:hash_sz:mask 606 Finds passwords AND salts in a set of raw hashes. 607 This function has been changed, and now is 'generic'. 608 See the file Regen-Lost-Salts.txt for information. 609 610 611 Additional utilities (compiled/installed along with John). 612 613There are some related utilities in John's run directory. (Depending on 614platform, these may be symlinks to the main John program binary.) 615 616 unshadow PASSWORD-FILE SHADOW-FILE 617 618Combines the "passwd" and "shadow" files (when you already have access 619to both) for use with John. You might need this since if you only 620used your shadow file, the "Full Name" or "GECOS" information wouldn't 621be used by the "single crack" mode (thus reducing its efficiency) and 622you wouldn't be able to use the "--groups" and "--shells" options and 623to select by UID with "--users". You probably also want to see all of 624the passwd file fields with "--show". 625 626You'll usually want to redirect the output of "unshadow" to a file 627which you then pass to John. 628 629 unafs DATABASE-FILE CELL-NAME 630 631Gets password hashes out of the binary AFS database and produces 632output usable by John (you should redirect the output to a file). 633 634 unique OUTPUT-FILE 635 636Removes duplicates from a wordlist (read from stdin) without changing 637the order of entries. You might want to use this with John's 638"--stdout" option if you've got a lot of disk space to trade for the 639reduced cracking time (on possibly trying some duplicates as they 640might be produced with word mangling rules). 641This program has been updated. It is faster, it now can 'cut' the 642lines (in a couple of ways), and can unique the files data, AND also 643unique it against an existing file. 644 645 646 Scripts. 647 648There are also some related scripts supplied in John's run directory. 649(Binary packages of John may choose to install these along with the 650documentation instead.) 651 652 relbench BENCHMARK-FILE-1 BENCHMARK-FILE-2 653 654relbench is a Perl script to compare two "john --test" benchmark runs, 655such as for different machines, "make" targets, C compilers, 656optimization options, or/and versions of John the Ripper. To use it, 657redirect the output of each "john --test" run to a file, then run the 658script on the two files. Most values output by the script indicate 659relative performance seen on the second benchmark run as compared to the 660first one, with the value of 1.0 indicating no change, values higher 661than 1.0 indicating speedup, and values lower than 1.0 indicating 662slowdown. Specifically, the script outputs the minimum, maximum, 663median, and geometric mean for the speedup (or slowdown) seen across the 664many individual benchmarks that "john --test" performs. It also outputs 665the median absolute deviation (relative to the median) and geometric 666standard deviation (relative to the geometric mean). Of these two, a 667median absolute deviation of 0.0 would indicate that no deviation from 668the median is prevalent, whereas a geometric standard deviation of 1.0 669would indicate that all benchmarks were sped up or slowed down by the 670exact same ratio or their speed remained unchanged. In practice, these 671values will tend to deviate from 0.0 and 1.0, respectively. 672 673 mailer PASSWORD-FILE 674 675A shell script to send mail to all users whose passwords got cracked. 676This is not always a good idea, though, since lots of people do not 677check their e-mail or ignore such messages, and the messages can be a 678hint for crackers. 679 680You should probably deploy proactive password strength checking, such as 681with passwdqc, before you ask users to change their passwords - whether 682using this script or otherwise. And you should edit the message inside 683the script before possibly using it. 684 685 makechr 686 687This is a script to (re-)generate the .chr files using passwords in 688john.pot and applying all of the defined external mode filters. To 689speed it up on a sufficiently large computer (RAM and CPUs), "&" may be 690added after the John invocation inside the script (to run all of them in 691parallel). 692