Command Line Options

Comprehensive guide to John the Ripper's command line options and flags

John the Ripper offers a wide range of command-line options to customize its behavior for different password cracking scenarios. This guide covers the most important options organized by category.

General Options

Basic Options

OptionDescription
--helpDisplay help information
--versionDisplay version information
--list=WHATList capabilities, where WHAT can be: formats, subformats, inc-modes, rules, externals, sections, or parameters

Session Management

OptionDescription
--session=NAMEName a new cracking session
--restore[=NAME]Restore a previously interrupted session
--status[=NAME]Display status of a session

Example:

# Start a named session
john --session=webserver hash.txt

# Restore the session later
john --restore=webserver

Wordlist Mode Options

Basic Wordlist Options

OptionDescription
--wordlist=FILEUse FILE as a wordlist
--stdinRead words from standard input
--pipeLike --stdin, but bulk reads

Rules and Transformations

OptionDescription
--rules[=SECTION]Enable word mangling rules
--rules-stack=SECTION[,..]Stack rules sections
--loopback[=FILE]Use already cracked passwords as a wordlist

Example:

# Use a wordlist with rules
john --wordlist=rockyou.txt --rules hash.txt

# Use previously cracked passwords as input
john --loopback hash.txt

Incremental Mode Options

OptionDescription
--incremental[=MODE]Use incremental mode
--mask=MASKSpecify a mask for hybrid attacks
--markov[=LEVEL[:START[:END[:VALUE]]]]Use Markov chains

Example:

# Use incremental mode with the "All" character set
john --incremental=All hash.txt

# Use Markov mode with level 1
john --markov=1 hash.txt

Format-Specific Options

OptionDescription
--format=NAMEForce hash type NAME
--subformat=FORMATSelect a benchmark format for --format=crypt
--list=formatsList all available formats

Example:

# Force MD5 format
john --format=raw-md5 hash.txt

# List available formats
john --list=formats

Performance Options

Threading and Parallelization

OptionDescription
--fork=NFork N processes
--node=MIN[-MAX]/TOTALThis node's number range out of TOTAL count

Hardware Acceleration

OptionDescription
--devices=N[-M]Set OpenCL device(s)
--platform=NSet OpenCL platform
--tune=NTuning options for OpenCL

Example:

# Use 4 processes
john --fork=4 hash.txt

# Use OpenCL device 0
john --devices=0 --format=opencl hash.txt

Output and Display Options

OptionDescription
--show[=LEFT]Show cracked passwords
--show=formatsShow formats in which hashes were cracked
--show=invalidShow lines that are not valid for selected format
--pot=NAMESpecify pot file to use
--encoding=NAMEInput encoding (eg. UTF-8, ISO-8859-1)

Example:

# Show cracked passwords
john --show hash.txt

# Use a specific pot file
john --pot=custom.pot hash.txt

Advanced Options

External Mode

OptionDescription
--external=MODEExternal mode or word filter
--regen-lost-salts=NRegenerate lost salts (see doc/OPTIONS)

Benchmark and Testing

OptionDescription
--test[=TIME]Run tests and benchmarks for TIME seconds each
--stress-test[=TIME]Run stress tests for TIME seconds each

Example:

# Run benchmarks for 5 seconds per format
john --test=5

# Use external mode
john --external=filter_digits hash.txt

Practical Examples

Cracking Linux Shadow Passwords

sudo unshadow /etc/passwd /etc/shadow > passwords.txt
john --wordlist=/usr/share/wordlists/rockyou.txt passwords.txt

Cracking Windows NTLM Hashes

john --format=nt --wordlist=/usr/share/wordlists/rockyou.txt ntlm_hashes.txt

Using Multiple Cores

john --fork=4 --format=md5crypt hashes.txt

Using GPU Acceleration

john --format=md5crypt-opencl --devices=0 hashes.txt

Next Steps

After mastering the command-line options, explore:

  • Hash Formats - Learn about the different hash formats supported by John
  • Basic Usage - Review the fundamental operations of John the Ripper