John the Ripper is a powerful password cracking tool used for security auditing and penetration testing. Below are essential commands to get you started with its functionalities.

Test Crack Speed

This command helps you benchmark the cracking speed of John the Ripper on your system. It tests various cracking methods and reports the speed in cracks per second.

# To show the types of passwords that John can crack with crack speed (in cracks/second)
john --test

Use Custom Wordlists

Leverage your own wordlists to enhance John the Ripper's effectiveness. The popular Rockyou wordlist is often recommended for its comprehensive nature.

# To use your own word list (the Rockyou list is suggested)
john --wordlist=[filename] [passwordfile]

Show Cracking Results

After running John the Ripper, you can view the successfully cracked passwords stored in the John.pot file, typically located in ~/.john/john.pot.

# To show your results after running john (shows ~/.john/john.pot)
john --show

Restore Interrupted Sessions

If a John the Ripper session is interrupted, you can resume it from where it left off, saving time and progress.

# To restore an interrupted john session
john --restore

Additional Resources

For more in-depth information and advanced usage, refer to the official John the Ripper documentation and related security resources.

• OpenWall John the Ripper
• OWASP Password Storage Cheat Sheet
• Mask Attacks in Password Cracking