John The Ripper

Custom sha512 format (salt)

# format : hash$salt
$ cat sha512_salt.hash
6d05358f090eea56a238af02e47d44ee5489d234810ef6240280857ec69712a3e5e370b8a41899d0196ade16c0d54327c5654019292cbfe0b5e98ad1fec71bed$1c362db832f3f864c8c2fe05f2002a05

$ john sha512_salt.hash --wordlist=/opt/rockyou.txt --format='dynamic=sha512($p.$s)'
[...]
Using default input encoding: UTF-8
Loaded 1 password hash (dynamic=sha512($p.$s) [128/128 AVX 2x])
Warning: no OpenMP support for this hash type, consider --fork=8
Press 'q' or Ctrl-C to abort, almost any other key for status
november16       (?)
1g 0:00:00:00 DONE (2021-12-13 13:53) 50.00g/s 924000p/s 924000c/s 924000C/s yasmeen..nolan
Use the "--show --format=dynamic=sha512($p.$s)" options to display all of the cracked passwords reliably
Session completed
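Added example, not from the original page or the John the Ripper project: what `dynamic=sha512($p.$s)` computes, used here to confirm the construction against a test account whose password is known before choosing `--format`. The function names, salt, password and hash line are constructed, and the salt is assumed to be the literal text after `$`.

```python
import hashlib
import hmac
import re

def parse_line(line):
    """Split a 'hash$salt' line into (hex_digest, salt_text)."""
    digest, sep, salt = line.strip().partition("$")
    if not sep or not re.fullmatch(r"[0-9a-fA-F]{128}", digest):
        raise ValueError("expected 128 hex chars, '$', then the salt")
    return digest.lower(), salt

def sha512_p_s(password, salt):
    """sha512($p.$s): password bytes, then salt bytes, one SHA-512 round."""
    return hashlib.sha512(password.encode() + salt.encode()).hexdigest()

def sha512_s_p(password, salt):
    """sha512($s.$p): same inputs, opposite order (a different digest)."""
    return hashlib.sha512(salt.encode() + password.encode()).hexdigest()

def matches(line, candidate, construction=sha512_p_s):
    """True if the candidate reproduces the stored digest."""
    digest, salt = parse_line(line)
    return hmac.compare_digest(construction(candidate, salt), digest)

def identify(line, known_password):
    """Names of the constructions that reproduce the digest for a known password."""
    return [f.__name__ for f in (sha512_p_s, sha512_s_p)
            if matches(line, known_password, f)]

# Constructed sample values (not the hash from the session above).
SALT = "00112233445566778899aabbccddeeff"
PASSWORD = "Example-Passw0rd"
LINE = sha512_p_s(PASSWORD, SALT) + "$" + SALT

if __name__ == "__main__":
    print(identify(LINE, PASSWORD))
```

If the list comes back empty for a known password, the application uses a different construction and the `--format` expression has to change accordingly.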

Using rules

$ john --wordlist=words.lst --rules=KoreLogic --stdout > words_KoreLogic.lst

Add custom rules

Path :

  • /etc/john/john.conf
  • /opt/john/john.conf
  • /usr/share/john/john.conf

Rules :

  • Az : Word from original wordlist
  • "[0-9]" : One digit
  • [!@#$] : Special chars
  • ^, $ : Beginning / end of word.

[List.Rules:THM-Password-Attacks]
Az"[0-9][0-9]" ^[!@]

Crack ZIP

$ zip2john 8702.zip > zip.hash
$ john zip.hash --wordlist=/opt/rockyou.txt