John the Ripper/Rules: Difference between revisions
From charlesreid1
No edit summary |
|||
| Line 111: | Line 111: | ||
$ for ruleset in `grep KoreLogicRules /etc/john/john.conf | cut -d: -f 2 | cut -d\] -f 1 | grep Year | grep -v Special`; do john --wordlist=rockyou-10.txt --format=wpapsk --rules=${ruleset} crackme; done | $ for ruleset in `grep KoreLogicRules /etc/john/john.conf | cut -d: -f 2 | cut -d\] -f 1 | grep Year | grep -v Special`; do john --wordlist=rockyou-10.txt --format=wpapsk --rules=${ruleset} crackme; done | ||
</pre> | </pre> | ||
=Other Wiki Pages= | |||
Also on the wiki: | |||
Some information on how to do password generation with John the Ripper and KoreLogic rules (the impatient person's guide): [[John the Ripper/Password Generation]] | |||
More in-detail about the KoreLogic rules: [[John the Ripper/Password Generation/Basics]] | |||
{{JohnFlag}} | {{JohnFlag}} | ||
Revision as of 06:05, 19 August 2015
Using Rules with John
Download an excellent set of John the Ripper rules from KoreLogic security here: http://openwall.info/wiki/_media/john/korelogic-rules-20100801.txt
Based on the 2010 Defcon Crack Me If You Can contest.
Install the Rules
To install the rules, download that text file. Now run this command to add those rules to John's configure file:
$ cat korelogic-rules-20100801.txt >> /etc/john/john.conf
Using Rules
Now you can use any of the rules that are listed here (http://contest-2010.korelogic.com/rules.html) or that you see in the form of [List.Rules:KoreLogicRulesPrependSeason] in the rules file (just get rid of the List.Rules: part.)
$ john --wordlist=rockyou-10.txt --format=wpapsk --rules=KoreLogicRulesPrependYears crackme
List All the Rules
Here's a one-liner to list all the commands in the configuragion file, by grepping and cutting. Remember that each one of these options could have thousands of password variations that result!
$ for ruleset in `grep KoreLogicRules /etc/john/john.conf | cut -d: -f 2 | cut -d\] -f 1`; do echo ${ruleset}; done
KoreLogicRulesPrependSeason
KoreLogicRulesAppendSeason
KoreLogicRulesPrependHello
KoreLogicRulesPrependYears
KoreLogicRulesAppendYears
KoreLogicRulesAppendCurrentYearSpecial
KoreLogicRulesAppend4Num
KoreLogicRulesAppend5Num
KoreLogicRulesAppend6Num
KoreLogicRulesAppendSpecial3num
KoreLogicRulesAppendSpecial4num
KoreLogicRulesPrependCAPCAPAppendSpecial
KoreLogicRulesPrependNumNumAppendSpecial
KoreLogicRulesPrependNumNum
KoreLogicRulesPrependNumNumNum
KoreLogicRulesPrependNumNumNumNum
KoreLogicRulesPrependNumNumSpecial
KoreLogicRulesPrepend2NumbersAppend2Numbers
KoreLogicRulesPrependSpecialSpecial
KoreLogicRulesAppendSpecialNumberNumber
KoreLogicRulesAppendSpecialNumberNumberNumber
KoreLogicRulesPrependSpecialSpecialAppendNumber
KoreLogicRulesPrependSpecialSpecialAppendNumbersNumber
KoreLogicRulesPrependSpecialSpecialAppendNumbersNumberNumber
KoreLogicRulesAppend2Letters
KoreLogicRulesPrepend4NumAppendSpecial
KoreLogicRulesAppend4NumSpecial
KoreLogicRulesAppend3NumSpecial
KoreLogicRulesAppend2NumSpecial
KoreLogicRulesAddJustNumbersLimit8
KoreLogicRulesDevProdTestUAT
KoreLogicRulesPrependAndAppendSpecial
KoreLogicRulesAppendJustNumbers
KoreLogicRulesAppendNumbers_and_Specials_Simple
KoreLogicRulesAppendJustSpecials
KoreLogicRulesMonthsFullPreface
KoreLogicRulesAddShortMonthsEverywhere
KoreLogicRulesPrepend4LetterMonths
KoreLogicRulesAdd2010Everywhere
KoreLogicRulesPrependDaysWeek
KoreLogicRulesAdd1234_Everywhere
KoreLogicRulesAppendMonthDay
KoreLogicRulesAppendMonthCurrentYear
KoreLogicRulesReplaceNumbers2Special
KoreLogicRulesReplaceNumbers
KoreLogicRulesReplaceLettersCaps
KoreLogicRulesAddDotCom
KoreLogicRulesAppendCap-Num_or_Special-Twice
KoreLogicRulesAppendSpecialLowerLower
KoreLogicRulesAppendJustSpecials3Times
KoreLogicRulesPrependJustSpecials
KoreLogicRulesAppend1_AddSpecialEverywhere
KoreLogicRulesPrependNumNum_AppendNumSpecial
KoreLogicRulesAppendNum_AddSpecialEverywhere
KoreLogicRulesAppendNumNum_AddSpecialEverywhere
KoreLogicRulesAppendNumNumNum_AddSpecialEverywhere
KoreLogicRulesAppendYears_AddSpecialEverywhere
KoreLogicRulesL33t
KoreLogicRulesReplaceSpecial2Special
KoreLogicRulesReplaceLetters
Use All the Rules
This is overkill, but it extracts every rule from the KoreLogic rule list and runs john with every one of those rules. From the full list here http://contest-2010.korelogic.com/rules.html you can see that'll take a loooooooong time. But this would be handy to use with grep to filter out some of the rule names.
$ for ruleset in `grep KoreLogicRules /etc/john/john.conf | cut -d: -f 2 | cut -d\] -f 1`; do john --wordlist=rockyou-10.txt --format=wpapsk --rules=${ruleset} crackme; done
A nice subset:
$ grep KoreLogicRules /etc/john/john.conf | cut -d: -f 2 | cut -d\] -f 1 | grep Year | grep -v Special KoreLogicRulesPrependYears KoreLogicRulesAppendYears KoreLogicRulesAppendMonthCurrentYear
Put into use:
$ for ruleset in `grep KoreLogicRules /etc/john/john.conf | cut -d: -f 2 | cut -d\] -f 1 | grep Year | grep -v Special`; do john --wordlist=rockyou-10.txt --format=wpapsk --rules=${ruleset} crackme; done
Other Wiki Pages
Also on the wiki:
Some information on how to do password generation with John the Ripper and KoreLogic rules (the impatient person's guide): John the Ripper/Password Generation
More in-detail about the KoreLogic rules: John the Ripper/Password Generation/Basics
 |
john the ripper password generator and all-around cracking tool.
Testing John: John the Ripper/Benchmarking Using John on Password generation using rules and modes: John the Ripper/Password Generation Installing some useful password rules: John the Ripper/Rules Using John to feed password guesses to Aircrack: Aircrack and John the Ripper John the Ripper on AWS: Ubuntu/Barebones to JtR Getting Passwords from John: John the Ripper/Password Recovery
|