John the Ripper Cheat Sheet
Complete password cracking commands reference
From Basic to Advanced Techniques
1. Basic Commands
Check Version
john --version
List Supported Formats
john --list=formats
Basic Crack
john hashes.txt
Show Cracked Passwords
john --show hashes.txt
2. Wordlist Attack
Basic Wordlist
john --wordlist=passwords.txt hashes.txt
Wordlist with Rules
john --wordlist=rockyou.txt --rules hashes.txt
Specific Format
john --wordlist=rockyou.txt --format=raw-md5 hashes.txt
3. Incremental Mode
Default Incremental
john --incremental hashes.txt
Only Digits
john --incremental=Digits hashes.txt
Lowercase Only
john --incremental=Lower hashes.txt
Custom Length
john --incremental --min-length=6 --max-length=8 hashes.txt
4. Mask Attack
Password Pattern (4 letters + 4 digits)
john --mask='?l?l?l?l?d?d?d?d' hashes.txt
Mask Placeholders
?l = lowercase letter ?u = uppercase letter ?d = digit ?s = special character ?a = any printable character
Example: Password123!
john --mask='?u?l?l?l?l?l?l?d?d?d?s' hashes.txt
5. Hash Formats - Unix/Linux
DES (traditional crypt)
john --format=descrypt hashes.txt
MD5-based crypt
john --format=md5crypt hashes.txt
SHA-256 crypt
john --format=sha256crypt hashes.txt
SHA-512 crypt
john --format=sha512crypt hashes.txt
6. Hash Formats - Windows
LM Hashes
john --format=LM hashes.txt
NTLM Hashes
john --format=NT hashes.txt
Extract from Shadow
sudo unshadow /etc/passwd /etc/shadow > unshadowed.txt
7. Raw Hash Formats
Raw MD5
john --format=raw-md5 hashes.txt
Raw SHA1
john --format=raw-sha1 hashes.txt
Raw SHA256
john --format=raw-sha256 hashes.txt
Raw SHA512
john --format=raw-sha512 hashes.txt
8. Database Hashes
MySQL
john --format=mysql-sha1 hashes.txt
PostgreSQL
john --format=postgres hashes.txt
MSSQL
john --format=mssql05 hashes.txt
Oracle
john --format=oracle11 hashes.txt
9. Web Application Hashes
WordPress
john --format=phpass hashes.txt
Drupal7
john --format=drupal7 hashes.txt
Django
john --format=django hashes.txt
10. File Format Cracking
ZIP Files
zip2john encrypted.zip > zip_hash.txt john zip_hash.txt
RAR Files
rar2john encrypted.rar > rar_hash.txt john rar_hash.txt
PDF Files
pdf2john encrypted.pdf > pdf_hash.txt john pdf_hash.txt
11. Office Documents
MS Office 2007-2019
office2john document.docx > office_hash.txt john office_hash.txt
Old Office Formats
office2john document.doc > office_hash.txt john office_hash.txt
12. SSH & Encrypted Files
SSH Private Keys
ssh2john id_rsa > ssh_hash.txt john ssh_hash.txt
KeePass Databases
keepass2john database.kdbx > keepass_hash.txt john keepass_hash.txt
7-Zip
7z2john encrypted.7z > 7z_hash.txt john 7z_hash.txt
13. Rule-Based Attacks
Default Rules
john --wordlist=passwords.txt --rules hashes.txt
Specific Ruleset
john --wordlist=passwords.txt --rules=Jumbo hashes.txt
Best64 Rules
john --wordlist=passwords.txt --rules=best64 hashes.txt
List Available Rules
john --list=rules
14. Session Management
Start Named Session
john --session=mysession hashes.txt
Restore Session
john --restore=mysession
Check Session Status
john --status=mysession
15. GPU Acceleration
List OpenCL Devices
john --list=opencl-devices
Use OpenCL for MD5
john --format=raw-md5-opencl hashes.txt
Specify GPU Device
john --format=raw-md5-opencl --device=0 hashes.txt
Multiple GPUs
john --format=raw-md5-opencl --device=0,1 hashes.txt
16. Performance Optimization
Benchmark All Formats
john --test
Benchmark Specific Format
john --test --format=raw-md5
Use Multiple Cores
john --fork=4 hashes.txt
Auto-detect Cores
john --fork=auto hashes.txt
17. Advanced Options
Set Max Memory (MB)
john --max-mem=2048 hashes.txt
Time Limit (seconds)
john --max-run-time=3600 hashes.txt
Hybrid Attack
john --wordlist=passwords.txt --mask='?d?d?d' hashes.txt
18. Popular Wordlists
Rockyou.txt Location
/usr/share/wordlists/rockyou.txt
Extract if Compressed
gunzip /usr/share/wordlists/rockyou.txt.gz
Other Common Lists
/usr/share/wordlists/fasttrack.txt /usr/share/john/password.lst
19. Creating Wordlists
Using Crunch
crunch 4 6 -o wordlist.txt
With Specific Charset
crunch 6 8 abcdefg123456 -o wordlist.txt
Using CeWL (Web Crawler)
cewl https://example.com -w wordlist.txt
20. Miscellaneous
Single Crack Mode
john --single hashes.txt
Show Help
john --help
List Build Info
john --list=build-info