Description:
A tool for finding users' weak passwords.
This man page briefly describes the john command. This man page was written for the Debian GNU/Linux distribution, because the original program does not have a man page. John, also known as John Ripper, is a tool for finding users' weak passwords on the server. John can use a dictionary or some search mode and password file to check the password. John supports different cracking modes and understands many ciphertext formats, such as several DES variants, MD5 and blowfish. It can also be used to extract AFS and Windows NT passwords.
Usage:
To use John, you only need to provide a password file and the required options. If no mode is specified, john will first try "single", then "wordlist", and finally "incremental".
After ohn finds the password, it will be printed to the terminal and saved in a file named ~/.john/john.pot. John will read the file when it restarts, so it will not try to crack the completed password.
To view the cracked password, please use
john -show passwd
Important note: Please be in the same directory as the cracked password (when using cronjob, please use /var/lib/john), otherwise it will not work.
When cracking, you can press any key to get the status, or press Ctrl + C to terminate the session and save the point information to a file (default is ~/.john/john.rec). By the way, if you press Ctrl + C twice, John will immediately abort without saving. If a crash occurs, the point information will be saved every 10 minutes (configurable in the configuration file ~/.john/john.ini or ~/.john/john.conf).
To continue