John the Ripper / Hashcat rule, reject candidate if char at position X is the same as character at position Y

I’m using John to generate some word lists and I’m trying to figure out the most optimized way to do the next step. What I want to do is add ever possible 3 digit number to a set where the first digit of the number is not the same as the first digit in the set

Set example 123ABC

to add

+ 213 = 123ABC213 OK

+ 131 = 123ABC131 REJECT

I see rules that reject unless a string includes, but not a comparison function like this.

I could make the whole list and prune it after with a python script, but it would be way bigger than needed.

Thank you!

John the ripper – ecryptfs – sample not cracked: 0 password hashes cracked

Good morning all,

I tried to use john the ripper on the sample : ecryptfs_sample_metadata.tar (password is ‘openwall’)

witch i downolad here:

The passeword is openwall.

If i try

sudo john ecryptfs_sample_metadata.tar --progress-every=10 --mask='openwal?l' 

The result is:

Warning: detected hash type "mysql", but the string is also recognized as "oracle" Use the "--format=oracle" option to force loading these as that type instead Warning: detected hash type "mysql", but the string is also recognized as "pix-md5" Use the "--format=pix-md5" option to force loading these as that type instead Using default input encoding: UTF-8 Loaded 1 password hash (mysql, MySQL pre-4.1 [32/64]) Warning: no OpenMP support for this hash type, consider --fork=4 Press 'q' or Ctrl-C to abort, almost any other key for status 0g 0:00:00:00  0g/s 185.7p/s 185.7c/s 185.7C/s openwala..openwalq Session completed 

If i try show i have the result:

0 password hashes cracked, 1 left 

I try to ad




with the same result.

Does anyone have an idea why the password is not cracked?

John the Ripper doesn’t crack passwords when I use wordlists

Title says it all, I can’t tell if John is just crashing or “gives up” on cracking the hash. First I start off by creating an md5 hash out of a word I KNOW is on the rockyou.txt wordlist:

echo -n 'password' | md5sum > testhash 

After removing the hyphen at the end of the test hash file:


Now I attempt to crack the md5 hash using the following John the Ripper command:

john --format=raw-md5 --wordlist= /usr/share/wordlists/rockyou.txt testhash 

I get the output:

Loaded 1 password hash (Raw-MD5 [MD5 256/256 AVX2 8*3]) No password hashes left to crack (see FAQ) 

Then I run:

john --show testhash 

Which outputs:

0 password hashes cracked, 2 left 

Sorry if I’m doing something terribly wrong, but I’m at a loss here. I’m assuming it’s something wrong with how my installation of John on Kali Linux is handling the wordlist. Thank you in advance!

Issue using John The Ripper

First things first, I’m a newbie so, bear with me…

I created a word list with a combination of a possible password for a certain user using Crunch (it’s the dictionary output) and need to use John The Ripper to sort through all the possible combinations in the wordlist created for the password and display it, alongside the hash and also need to add the –format=nt option, since the hash came from a Windows system. The hash is saved on another file and is in the correct format. However, I’m having trouble with this, can’t seem to figure this out and, for better understanding, here are the screenshots of what I did:

Jonh The Ripper

Can you tell me what I’m doing wrong? What am I missing?

John the ripper not working with long salt

I am currently working on a crypto challenge. Here I need to brute force a password. It’s SHA512 and the salt is given. But for some reason I can’t load the salt + hash into JTR because it’s complaining about the salt.

This is the salt + hash:

c0f4b188-3637-46ab-921e-93b07cd0dd9f$  f1056c489a2120c32b03edbc1221a803d49c72b770f70a706cf6e748002d39ad70741ac980593174ab479ca47f20f411f8285d31234d1a82883aaf95618e4134 

And I am trying to start the brute-force like so:

john --subformat=dynamic_81 --incremental=Alnum --min-length=5 --max-length=5 hash 

dynamic_81 = SHA512($ salt.$ password)

If I remove the dashes from the salt, then it will load the hash. But the dashes are part of the salt so I can’t just remove them…

Does anyone know if I need to convert the salt somehow for JTR to accept it?


John The Ripper and Amd

My question has two parts, How can I get JTR to use my AMD GPU and Does anyone have any idea how to install the AMD drivers in Kali? To start been trying with Hashcat, JTR and Pyrit no luck with anything on Hashcat except the Opencl in Kali, Pyrit I’ll just leave it there. System Hp 6300 Pro SFF OS Kali Linux 2019.03 CPU Intel i7 3700 Kali is on a Seagate Barracuda SSD 500 GB Storage and back up all in same computer Seagate Gaming Firecuda Hybrid 2 TB Hitachi HDD 2 TB 24 GB Corsair Vengance RAM AMD RX 560 GPU 4 GB Drivers Most current AMD Driver Most Current Intel Opencl I tried Rocm to start researched found out reason it wasn’t working is it isn’t compatible with Polaris 21 that’s in GPU. I edited the permissions in the Ubuntu driver and it halfway installed there’s a lot that’s not there that way. Found a lot of tutorials on how to install in Kali the road block is install the AMD drivers then AMD SDK. AMD doesn’t have the SDK anymore but I found it on GIT, but I can’t do anything until I get the drivers to install. I can’t get any of the programs I mentioned to work with it in Ubuntu or Windows. In Windows Hashcat accepts the GPU but not the Opencl. In Ubuntu it’s a wash even though the drivers work in Ubuntu. The reason for Kali is JTR will use all eight threads it wont on Windows and wont use the GPU on Windows either. So Kali and JTR are my best shot. Any ideas would be fantastic in two months I haven’t got even one reply on Kali Forums, so if you can fix it your the Ninja.

John the Ripper – Can’t get cracked MD5 hash to show

I’m trying to crack some MD5 hashes given in OWASP’s BWA on their DVWA site. I was able to use John the Ripper and the very first time it worked fine and it showed the reversed hashes using the code:

john --format=raw-md5 --wordlist=/usr/share/wordlists/rockyou.txt hash.txt 

However, whenever I try to do it again for the exact same file, it gives back the following:

Using default input encoding: UTF-8 Loaded 6 password hashes with no different salts (Raw-MD5 [MD5 128/128 XOP 4x2]) Remaining 1 password hash Press 'q' or Ctrl-C to abort, almost any other key for status 0g 0:00:00:01 DONE (2017-02-22 17:31) 0g/s 8746Kp/s 8746Kc/s 8746KC/s                   ..*7¡Vamos! Session completed 

john the ripper – crack passphrase ssh

i have ssh private key and i transform it with ssh2john. Then i do crack with john --wordilist=/usr/share/wordlists/rockyou.txt file.txt but the tool return me No password hashes loaded (see FAQ)

The output of ssh2john (and input of john) is

sshng$  0$  8$  53D881F299BA8503$  1192$  49e08d630fc1b173f242ad4744b1042a188d2157ed65a83339c73ae1f7f5229268f48786ed9ff38febf574221d7a3ba4ee4b5015ccd396db67ac88fa99d05beab9cde82b0fd2f6f3f4dcd1072835a3a71219dacbd8498937f792c43e0058b7339f7d853d8d158e5215ae1e2b8e145edb03cda2001c8821e6646101d2d82fdbf7b2c44eb755c473af1242625fa1bd267a7efb125fc03842beeb6dff5f9f3e0f226220bab177561426765126cc3453e26fe9a9fdd3986024f7ec2b8aa9e438315023ed88d5c3dbf094612d2cf7a720775ffb863939d8a78684abe010676bc4273dc57d7f525fd93b75de8a699b52033aa2c3df35112f390e4f4d528f2e2f19d9030dec17b3f3e04b89d07a68d5e66062d2b3bc32abaf0f2ea3844269dc7b2874538a729776e1f39c60354113b3656ef11371c42f7bf147d80c57c8094470d90cc23dc65c3df505707313dc15adf5033576ca9deaef297de7848230eb62e110b7678c944e30e41dd1d0a0470689e14e594fa2d688a3e1caf1d4b6ced8bb7c9c72ba1b509cabb88ea27e11b1346556bbfc962206af19e1398dbde5ef5dae5ec15cfa49adbc2ca3cc711e54f7df7dd853d7638502cda79fb61f8fa2ea6994dedda8813a0fe2c915728a839420be8fa8433a5e1ba43f6de93209bab5b19a91a03717acabc36c01e9ed6ec0fec65e16eaae66b8b2509a3ff142bac769c1190c623c916bd9135885995903ff10519f0a0667986d0f28a52cfa65f51f8387b6f2de53e6f247fcb509c7b2aa511dc7b20451699ead0051d10a926d4b44c2c03d820b6e52868f0ac2a91bc129130897ab49883f3b34ce8906843274e11ca67fba0d4fb601cb5e8dbbabd1a33be08c9e7a7ac629249921932c776913486531cbda3fc4f283914c3f4855324a69b08aa8852fa3da0e0c564301f1b71be61cc84be9c8ad35d2304dc393489733991da927192884bac7ed8ad2d9a94ab0cd05a45c26773d7f5c3485d83ee26dffd6d660312f952612a3b485422e5b57511701e336f6a84a4f9fac0a7a89ce883d84a6768f06618cbca57bdcab07d1a7162500266ee058a2ea1622e16a614f7645603af0ed2b602b4e246c3ed090f78dabd12fd489f69d57731473c887acfe7e6a5b81f5a07a52c77367ad489638fb90846e401c6045273d663d48f389eea794efe6ff7aace129b9299db96688ad5fdeb78e3366142b2f1a6a57a19c9626926af7b77a8647384011372473c1cb135d5d184fa5e1b6ba58136ed791a811602ccf3b4cb885757a69edf7ba0c2269dfa27b4e61dc01ebfda80aec894e27fc570fd6b56a9935ba5ecbdef4e1af666a9ffe6c3a9e410e35f81f000836ca5a8bec8325a2fd4a62313ea6eab5fe14fe43e44f33ad8b679e6a88a3bbf11eab41594c636a109d9c1ae4605ce5e8a591805cf1dde4dab65656cabe24b2f166b686d891954040f0015b3fa01e9b8a96baa10bd00dcebfc99fee597c6d369a817f79d2f56e9f473d1238ec3caf2f0cd3d7fe4bf59cfa63ed4ccde9dd4e2dcaaf343f61c7ebe58011bd8c8c2db2e3304b4f52f262638d2eda79956fa42aa62cb6cebfda325869ba964f93fc6df282a1282fa5f6680e4ec01762309b4e62d7cd5ad7d79536d7405dc441540dc8b1362c13a68052e8c7f108e67037fd59bf4984f04088fb8e0b72a56ddf 

Why? Help me