John the Ripper

Command-line options and *2john converters. Commands in English, descriptions follow your language.

Two parts: the john command-line options, then the converters that turn a file/format into a crackable hash.

Command-line options

Cracking Modes

--single[=SECTION[,..]] — Single-crack mode (default or named rules).

--single=:rule[,..] — Single mode using immediate rule(s).

--single-seed=WORD[,WORD] — Add static seed word(s) for single mode.

--single-wordlist=FILE — Short wordlist with static seeds / morphemes.

--single-user-seed=FILE — Wordlist with per-user seeds.

--single-pair-max=N — Override max word pairs generated.

--no-single-pair — Disable single word pair generation.

--[no-]single-retest-guess — Override config for SingleRetestGuess.

--wordlist[=FILE] / --stdin — Wordlist mode, read words from FILE or stdin.

--pipe — Like --stdin, but bulk reads and allows rules.

--incremental[=MODE] — Incremental brute-force mode.

--incremental-charcount=N — Override CharCount for incremental mode.

--external=MODE — External mode or word filter.

--mask[=MASK] — Mask mode using MASK.

--markov[=OPTIONS] — Markov mode.

--prince[=FILE] — PRINCE mode, read words from FILE.

Rules

--rules[=SECTION[,..]] — Enable word-mangling rules.

--rules=:rule[,..] — Use immediate rule(s).

--rules-stack=SECTION[,..] — Stacked rules applied after regular rules.

--rules-skip-nop — Skip any NOP (":") rules.

--loopback[=FILE] — Like wordlist, but extract words from a pot file.

--mem-file-size=SIZE — Threshold for wordlist preload.

--dupe-suppression — Suppress duplicate candidates.

PRINCE Options

--prince-loopback[=FILE] — Fetch words from a pot file.

--prince-elem-cnt-min=N — Min elements per chain.

--prince-elem-cnt-max=[-]N — Max elements per chain.

--prince-skip=N — Initial skip.

--prince-limit=N — Limit number of candidates.

--prince-wl-dist-len — Calculate length distribution from wordlist.

--prince-wl-max=N — Load only N words from wordlist.

--prince-case-permute — Permute case of first letter.

--prince-mmap — Memory-map the input (where supported).

--prince-keyspace — Show total keyspace (ignoring skip/limit).

Incremental / Subsets

--subsets[=CHARSET] — Subsets mode.

--subsets-required=N — First N charset chars are required.

--subsets-min-diff=N — Min unique characters in subset.

--subsets-max-diff=[-]N — Max unique characters in subset.

--subsets-prefer-short — Prefer shorter candidates over smaller subsets.

--subsets-prefer-small — Prefer smaller subsets over shorter candidates.

--make-charset=FILE — Make a charset (overwrites FILE).

Output & Session

--stdout[=LENGTH] — Just output candidate passwords.

--session=NAME — Give a new session the NAME.

--status[=NAME] — Print status of a session.

--restore[=NAME] — Restore an interrupted session.

--[no-]crack-status — Emit a status line when a password is cracked.

--show[=left] — Show cracked passwords (or left = uncracked).

--show=formats — Show information about hashes in a file (JSON).

--show=invalid — Show lines not valid for selected format.

--test[=TIME] — Run tests and benchmarks for TIME seconds each.

--stress-test[=TIME] — Loop self-tests forever.

--test-full=LEVEL — Run more thorough self-tests.

--no-mask — Used with --test for alternate benchmark.

--skip-self-test — Skip self-tests.

--verbosity=N — Change verbosity (1-5 or 6 for debug, default 3).

--no-log — Disable writing to the john.log file.

--log-stderr — Log to screen instead of file.

Targeting & Tuning

--format=[NAME|CLASS][,..] — Force hash type NAME.

--subformat=FORMAT — Pick a benchmark format for format=crypt.

--tune=HOW — Tuning options (auto/report/N).

--reject-printable — Reject printable binaries.

--regen-lost-salts=N — Brute-force unknown salts.

--pot=NAME — Pot file to use.

--no-loader-dupecheck — Disable dupe checking when loading hashes.

--mkpc=N — Request a lower max keys per crypt.

--max-run-time=[-]N — Gracefully exit after N seconds.

--max-candidates=[-]N — Gracefully exit after this many candidates.

--save-memory=LEVEL — Enable memory saving, at LEVEL 1-3.

--node=MIN[-MAX]/TOTAL — This node's number range out of TOTAL.

--fork=N — Fork N processes.

--costs=[-]C[:M][,..] — Load salts with cost value Cn for tunable cost.

--salts=[-]M[:N] — Load M (to N) most populated salts.

--salts=#[COUNT[:MAX]] — Load salts with COUNT to MAX hashes.

--shells=[-]SHELL[,..] — Load users with(out) the listed shell(s).

--progress-every=N — Emit a status line every N seconds.

Misc Options

--help — Print usage summary.

--config=FILE — Use FILE instead of john.conf or john.ini.

--encoding=NAME — Input encoding (e.g. UTF-8, ISO-8859-1).

--input-encoding=NAME — Input encoding alias.

--internal-codepage=NAME — Codepage used in rules/masks.

--target-encoding=NAME — Output encoding (used by format).

--force-tty — Read keystrokes even when not foreground.

--field-separator-char=C — Use C instead of ":" in input/pot files.

--[no-]keep-guessing — Try finding plaintext collisions.

--list=WHAT — List capabilities (see --list=help).

--length=N — Shortcut for --min-len=N --max-len=N.

--min-length=N — Minimum candidate length.

--max-length=N — Maximum candidate length.

--users=[-]LOGIN|UID[,..] — Load this (these) user(s) only.

--groups=[-]GID[,..] — Load users of this (these) group(s) only.

--bare-always-valid=Y — Treat bare hashes as valid (Y/N).

--catch-up=NAME — Catch up with existing session NAME.

*2john converters (extract a hash)

Converters (*2john)

1password2john.py — Manipulate 1Password .agilekeychain files.

7z2john.pl — Generate hashes from 7z files.

DPAPImk2john.py — Extract the DPAPI Master Key hash for a user.

adxcsouf2john.py — Extract ADXCRYPT / SHA-1 hashes from ADXCSOUF/ADXEPWOF .DAT.

aem2john.py — Convert native Adobe AEM hashes to JtR format.

aix2john.pl & aix2john.py — Convert AIX /etc/security/passwd.

andotp2john.py — AndOTP hashes to John.

androidbackup2john.py — Extract & repack adb-created Android backups.

androidfde2john.py — Convert Android FDE images/disks to JtR.

ansible2john.py — Generate the hash of an Ansible Vault.

apex2john.py — Dump hashes of APEX.

applenotes2john.py — Extract hashes from password-protected Apple Notes.

aruba2john.py — ArubaOS password hashing algorithm.

axcrypt2john.py — Extract hash from AxCrypt encrypted/self-decrypting files.

bestcrypt2john.py — Extract hash from BestCrypt containers.

bitcoin2john.py — Retrieve hash from Bitcoin wallets.

bitshares2john.py — Extract hashes from BitShares databases.

bitwarden2john.py — Extract hashes from local Chrome/Firefox/Android data.

bks2john.py — Convert BKS keystores to JtR format.

blockchain2john.py — Blockchain wallet files.

ccache2john.py — Extract a crackable hash from krb5 credential cache.

cisco2john.pl — Initial Cisco type 4 password decoder.

codepage.pl — Map a code point to a character ID.

cracf2john.py — Process CRACF.TXT files into JtR format.

cronjob — Allow John to create and edit cron jobs.

dashlane2john.py — Retrieve hashes from Dashlane .aes/.dash files.

deepsound2john.py — Extract hashes from DeepSound stego audio files.

diskcryptor2john.py — Retrieve hash from DiskCryptor.

dmg2john.py — Apple Disk Samples (DMG).

ecryptfs2john.py — Helper for cracking eCryptfs.

ejabberd2john.py — Extract hashes from ejabberd-created files.

electrum2john.py — Generate a hash of an Electrum wallet file.

encfs2john.py — Process EncFS files into JtR format.

enpass2john.py — Extract hashes from Enpass 6.x databases.

enpass5to2john.py — Extract hashes from Enpass 5.x databases.

ethereum2john.py — Retrieve hash from Ethereum wallets (Geth/Mist/MyEtherWallet).

filezilla2john.py — Retrieve hashes from FileZilla Server.xml.

hccapx2john.py — Process hccapx files into JtR format.

hextoraw.pl — Convert a hexadecimal value to raw.

htdigest2john.py — Process htdigest files into JtR format.

ibmiscanner2john.py — Convert userid:hash to as400-sha format.

ikescan2john.py — Process ike-scan output into JtR format.

ios7tojohn.pl — Generate the hash to brute-force iOS 7 PIN.

itunes_backup2john.pl — Generate a hash for cracking iOS backups.

iwork2john.py — Generate a hash for cracking iWork files.

kdcdump2john.py — Kdcdump patch output translation for JtR.

keychain2john.py — Rework Mac OS X keychain files into JtR format.

keyring2john.py — Convert GNOME Keyring files to John format.

keystore2john.py — Only Sun JKS files are supported.

kirbi2john.py — Parse Kerberos tickets from .kirbi to JtR.

known_hosts2john.py — Process known_hosts files for JtR.

krb2john.py — Retrieve AS-REQ and TGS-REP hashes.

kwallet2john.py — Retrieve the KWALLET hash.

lastpass2john.py — Convert LastPass input to JtR format.

libreoffice2john.py — Process OpenOffice/LibreOffice files for JtR.

lion2john-alt.pl — Convert Apple OS X Lion plist to shadow format.

lion2john.pl — Retrieve SHA-512 salted hashes from OS X 10.7 Lion.

lotus2john.py — Generate a hash for Lotus Notes.

luks2john.py — Generate a hash for cracking LUKS.

mac2john-alt.py — Extract password hashes from OS X (>= 10.8).

mac2john.py — Extract password hashes from OS X (>= 10.8).

mcafee_epo2john.py — Convert McAfee ePO passwords to John format.

monero2john.py — Retrieve hashes from Monero databases.

money2john.py — Generate a hash from MS Money files.

mozilla2john.py — Mozilla key3.db password master cracker assistant.

multibit2john.py — Hash for MultiBit Classic and HD wallets.

neo2john.py — Generate hash from the Neo Blockchain wallet.

netntlm.pl — Aid cracking a LM/NTLM challenge/response set.

netscreen.py — Generate a netscreen-formatted password.

office2john.py — Extract hash from MS Office files.

openbsd_softraid2john.py — OpenBSD 6.1 softraid (bcrypt PBKDF).

openssl2john.py — Crack files encrypted with openssl enc.

padlock2john.py — Extract hashes for Padlock Android cracking.

pcap2john.py — Combine several pcap conversion utilities.

pdf2john.pl — Extract hash from encrypted PDF files.

pem2john.py — Generate hashes from .pem (PKCS#8).

pfx2john.py — Hash to crack password-protected PKCS12 files.

pgpdisk2john.py — Hashes for PGP Virtual Disk (.pgd).

pgpsda2john.py — Hash for SDA / Symantec Encryption Desktop PGP archives.

pgpwde2john.py — Hash from PGP WDE / Symantec disk images.

prosody2john.py — Extract hashes from Prosody IM .dat files.

pse2john.py — Parse PSE files and extract encrypted material.

pwsafe2john.py — Process Password Safe files into a JtR hash.

radius2john.pl — Extract and brute-force RADIUS shared-secret.

radius2john.py — Extract and brute-force RADIUS shared-secret.

rexgen2rules.pl — Generate John rules from rexgen rules.

sap2john.pl — Convert SAP password hashes to JtR format.

signal2john.py — Hash extraction for Signal messenger.

sipdump2john.py — Process sipdump output files for JtR.

ssh2john.py — Retrieve hashes from RSA/DSA/EC/OpenSSH keys.

sspr2john.py — Retrieve NetIQ SSPR hashes from an LDAP server.

staroffice2john.py — Convert StarOffice files into JtR format.

strip2john.py — Process STRIP files for JtR.

telegram2john.py — Extract hashes from Telegram Android/Desktop storage.

tezos2john.py — Create a Tezos file for John the Ripper.

truecrypt2john.py — Import TrueCrypt volume to a crackable format.

unrule.pl — Extract basewords from a list of plains.

vdi2john.pl — Convert .vbox encryption info for JtR processing.

Compiled from the two “John the Ripper” charts by Hacking Articles (Ignite Technologies); descriptions condensed.