Go Back   Xisp.org Forums > Porn Password Cracking > Tools of the Trade

Jayman

Reply
Views: 2182 - Replies: 16  
Thread Tools Display Modes

Jayman
Old 01-06-2005, 09:50 AM   #1
sPlico
The sPlicster
 
sPlico's Avatar
 
sPlico is offline Offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,486
Threads: 407
sPlico is on a distinguished road
Default Jayman

Code:
Use a 32bit version of john, or the windows version as these support long file names
What is a .BAT file
A .BAT file or BATCH file enables you to process DOS commands [amongst others] from a file.

How can this help with JOHN
Encrypted-Password-filename/s - The name of your encrypted password file
Wordlist-filename - The name of your wordlist, which has a single word per line
Decrypted-passes-filename - The name of your file which has all your cracked combos

john -si Encrypted-Password-filename/s
john -w:Wordlist-filename Encrypted-Password-filename/s
john -show Encrypted-Password-filename/s > Decrypted-passes-filename

These are the most common commands you'll run with JTR [aka John]. Decrypting a file using a -si and -w attacks, then outputting the results to a file.

So let's put it in a BAT file
Encrypted-Password-filename/s - The name of our file in this example is site.pf
Wordlist-filename - The name of our file in this example is wordlist.txt
Decrypted-passes-filename - The name of our file in this example is site.txt

- Open Notepad, copy and paste the information between the REM ------------------
REM ------------------

REM This is a REMark statement, Use it to make comments in your file

REM Change site.pf, wordlist.txt, site.txt to the names of your files

REM First we want to run a -si crack on site.pf

john -si site.pf

REM Next we want to run a wordlist.txt on that baby

john -w:wordlist.txt site.pf

REM Finally we want JTR to make us a file with any cracked passwords

john -show site.pf > site.txt

REM ------------------

- Muwahahahahaha, you can delete the lines that have REM in it, they don't do anything
- So your file should look like this, with your own filenames of course :p
Quote:
john -si site.pf
john -w:wordlist.txt site.pf
john -show site.pf > site.txt
Code:
Reminder
site.pf should have your password file name
wordlist.txt should have your wordlist name
site.txt is the name you choose for your decrypted combos
- In Notepad, choose File
- From the File dropdown list, Click on Save
- Navigate to your directory which has john.exe in it
- Name your file whatever you want, I use the name _john.bat
- Click in the Dropdown Box by Save Type As, and change it to All Files (*.*)
- Click the Save button

Running your BAT file
- Open Explorer, and navigate to the directory that has john.exe in it
- Find your bat file
- Double click on it to run it.

Your batch file will now run, hopefully you've done everything right and john is a happy camper.

Using the REM Statement
As I mentioned earlier, the REM or REMark statement doesn't execute code.

Quote:
john -si site.pf
john -w:wordlist.txt site.pf
john -show site.pf > site.txt
Using our example, let's say we have another Encrypted-Password-filename/s named site1.pf

So obviously we want to change the site.pf to site1.pf in our BAT file, but wait a second

john -show site.pf > site.txt

That line decrypts the site.pf and outputs it to site.txt, rather than replacing site.pf, we could copy it, then REM the line

REM john -show site.pf > site.txt

So our new file would look like this with our changes

Quote:
john -si site1.pf
john -w:wordlist.txt site1.pf
john -show site1.pf > site1.txt
REM john -show site.pf > site.txt
We're probably always going to go back and decrypt site.pf and once our john.pot gets bigger, or we try other cracking methods, its good to have john preset to dump our results

You'll probably want to have a few REM statements in your BAT file, just to keep yourself orientated

Quote:
REM -------- john's cracking attack ---------
john -si site1.pf
john -w:wordlist.txt site1.pf

REM -------- Decrypting Password Files --------
john -show site1.pf > site1.txt
REM john -show site.pf > site.txt
Moving ahead, Using john's SESSION and RESTORE commands
session-name - This can be any name you desire

john -session:session-name
john -restore:session-name

The SESSION command in john allows you to save the progress of your crack attack. It works with the -w and -i cracking modes

The RESTORE command will resume a session, or resume the last session if session-name is given

Ok, lets say you have a number of different wordlists you use say as an example
quicklist.txt
genrelist.txt
one-of-floodas-hugeass-lists.txt :p
one-of-Th3-DOORS-lists-that-makes-mine-look-limp.txt muwahahahahaha


LoL

Ahem

Getting back on topic.

Opening our BAT file, we need to put in lines for each wordlist.

Quote:
REM -------- john's cracking attack ---------
john -si site1.pf
john -w:quicklist.txt site1.pf
john -w:genrelist.txt site1.pf
john -w:one-of-floodas-hugeass-lists.txt site1.pf
john -w:one-of-Th3-DOORS-lists-that-makes-mine-look-limp.txt site1.pf

REM -------- Decrypting Password Files --------
john -show site1.pf > site1.txt
REM john -show site.pf > site.txt
Now thats fine, and under ideal conditions and a huge ass fast system you'll have no problems, but as is the case, john sometimes gets tempremental, so sessions are needed

Although you can name your session-name anything, I'd use a format that you can quickly understand.

I suggest using this format

_Encrypted-Password-filename-Wordlist-filename.ses

From our example this would be
_site.pf-quicklist.txt.ses

If you're using WILDCARDS, as a suggestion
_DecryptingAll-Wordlist-filename.ses

Code:
WILDCARDS are used to load a group of files depending on how you set the wildcard

So *.pf will load all file with the extention PF
Or *pf* will load all files that have pf in thier filename

WILDCARDS are excellent to use
You will notice I use a _ character before the session-name. The reason I do this is because the file will appear near the beginning of the directory, so its easy to spot where you're at.

Of course the session-name is entirely up to you to name.

So lets see it in our BAT file

Quote:
REM -------- john's cracking attack ---------
john -si site1.pf
john -w:quicklist.txt site1.pf -session:_site1.pf-quicklist.txt.ses
john -w:genrelist.txt site1.pf -session:_site1.pf-genrelist.txt.ses
john -w:one-of-floodas-hugeass-lists.txt site1.pf -session:_site1.pf-one-of-floodas-hugeass-lists.txt.ses
john -w:one-of-Th3-DOORS-lists-that-makes-mine-look-limp.txt site1.pf -session:_site1.pf-one-of-Th3-DOORS-lists-that-makes-mine-look-limp.txt.ses

REM -------- Decrypting Password Files --------
john -show site1.pf > site1.txt
REM john -show site.pf > site.txt
Now you can run your bat file

Now if john crashes, or you decide to do a CTRL-C, the last session john was working on will appear

Code:
Just a Note
John will delete any session that as been completed
Lets' imagine that john stopped during its _site1.pf-genrelist.txt.ses cracking session.

What we need to do is use a REM statement and add the RESTORE command to our bat

We know these have been done
john -si site1.pf
john -w:quicklist.txt site1.pf -session:_site1.pf-quicklist.txt.ses
  Reply With Quote

Old 01-06-2005, 09:51 AM   #2
sPlico
The sPlicster
 
sPlico's Avatar
 
sPlico is offline Offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,486
Threads: 407
sPlico is on a distinguished road
Default

Continuation

So we REM them

REM john -si site1.pf
REM john -w:quicklist.txt site1.pf -session:_site1.pf-quicklist.txt.ses

john was last doing this line

john -w:genrelist.txt site1.pf -session:_site1.pf-genrelist.txt.ses

We'll REM that as well and add the RESTORE command

REM john -w:genrelist.txt site1.pf -session:_site1.pf-genrelist.txt.ses
john -restore:_site1.pf-genrelist.txt.ses

You might want to add a REM on what occurred, it's good to keep notes.

Quote:
REM -------- john's cracking attack ---------
REM john -si site1.pf
REM john -w:quicklist.txt site1.pf -session:_site1.pf-quicklist.txt.ses
REM john -w:genrelist.txt site1.pf -session:_site1.pf-genrelist.txt.ses

REM -------- john's cracking attack interrupted ---------
john -restore:_site1.pf-genrelist.txt.ses
john -w:one-of-floodas-hugeass-lists.txt site1.pf -session:_site1.pf-one-of-floodas-hugeass-lists.txt.ses
john -w:one-of-Th3-DOORS-lists-that-makes-mine-look-limp.txt site1.pf -session:_site1.pf-one-of-Th3-DOORS-lists-that-makes-mine-look-limp.txt.ses

REM -------- Decrypting Password Files --------
john -show site1.pf > site1.txt
REM john -show site.pf > site.txt
If later down the track john stops at _site1.pf-one-of-floodas-hugeass-lists.txt.ses we'll need to adjust our bat again

Quote:
REM -------- john's cracking attack ---------
REM john -si site1.pf
REM john -w:quicklist.txt site1.pf -session:_site1.pf-quicklist.txt.ses
REM john -w:genrelist.txt site1.pf -session:_site1.pf-genrelist.txt.ses
REM john -w:one-of-floodas-hugeass-lists.txt site1.pf -session:_site1.pf-one-of-floodas-hugeass-lists.txt.ses

REM -------- john's cracking attack interrupted ---------
john -restore:_site1.pf-one-of-floodas-hugeass-lists.txt.ses
john -w:one-of-Th3-DOORS-lists-that-makes-mine-look-limp.txt site1.pf -session:_site1.pf-one-of-Th3-DOORS-lists-that-makes-mine-look-limp.txt.ses

REM -------- Decrypting Password Files --------
john -show site1.pf > site1.txt
REM john -show site.pf > site.txt
Notice the change, we've deleted the john -restore:_site1.pf-genrelist.txt.ses line and added -restore:_site1.pf-one-of-floodas-hugeass-lists.txt.ses

You'll also notice I'm not deleting the lines with wordlists already done because you can always remove the REM and use a different Encrypted-Password-filename/s or site1.pf

Some final thoughts

Decrypted-passes-filename - The name of your file which has all your cracked combos and can contain the directory path.

Let's say you keep your wordlists in a different directory from john, just use the fullpath name as Decrypted-passes-filename.

Example, I keep my wordlists in c:\_wordlists\

So my Decrypted-passes-filename is c:\_wordlists\site.txt

Anyway, if you're not using BAT files, maybe its time you have a look at them

Quote:
If you don't want the REMs to show in the viewing window then add a @ before them

Example

@REM john -si site1.pf
  Reply With Quote

Old 02-28-2005, 05:44 AM   #3
agajan_m
Guest
 
Posts: n/a
Threads: 5107
Default

This was so useful. great job man. thanks for sharing.

i didnt meet like that forum. in here everyone sharing their knowledges and we (newbies) are getting new skills. we proud of like yours
  Reply With Quote

Old 02-28-2005, 10:05 AM   #4
sPlico
The sPlicster
 
sPlico's Avatar
 
sPlico is offline Offline
Join Date: Jan 2005
Location: Croatia
Posts: 9,486
Threads: 407
sPlico is on a distinguished road
Default

This was jayman's tutorial tho, not mine.
  Reply With Quote

Thanks for tuto.
Old 03-09-2005, 05:36 PM   #5
brunerz
Guest
 
Posts: n/a
Threads: 5107
Smile Thanks for tuto.

Thanks For this tutorial. It's very good.
  Reply With Quote

Old 03-10-2005, 01:11 AM   #6
splendidly_null
Retired Staff
 
splendidly_null's Avatar
 
splendidly_null is offline Offline
Join Date: Feb 2005
Location: Maryland, USA
Posts: 906
Threads: 20
splendidly_null is on a distinguished road
Default

very nice tutorial, lots to learn here and I would recommend all JTR newbies read
  Reply With Quote

Old 03-13-2005, 04:37 AM   #7
Lie8
Guest
 
Posts: n/a
Threads: 5107
Default

simply awesome .... will start working today
  Reply With Quote

Old 03-28-2005, 02:39 AM   #8
colins
Guest
 
Posts: n/a
Threads: 5107
Default

thx for the tut ^^
  Reply With Quote

Old 03-28-2005, 03:11 AM   #9
Jayman
Site Cracker
 
Jayman is offline Offline
Join Date: Jan 2005
Posts: 1,004
Threads: 104
Jayman is on a distinguished road
Default

Here is something additional to the Tutorial

If you've got a good number of pfiles, you may want to start up theme lists, a .BAT file is a way to go.

john -show teen-pfile1 >> TeenTheme.txt
john -show teen-pfile2 >> TeenTheme.txt

john -show oral-pfile1 >> OralTheme.txt
john -show oral-pfile2 >> OralTheme.txt

and so on.

Of course you might have a site which fits a multiple number of themes and might want to include them in those Themed lists

john -show site1-pfile >> TeenTheme.txt
john -show teen-pfile1 >> TeenTheme.txt
john -show teen-pfile2 >> TeenTheme.txt

john -show site1-pfile >> OralTheme.txt
john -show oral-pfile1 >> OralTheme.txt
john -show oral-pfile2 >> OralTheme.txt

And finally, some people like to keep Billing type wordlists

john -show site1-pfile >> CCBILLTheme.txt
john -show teen-pfile2 >> CCBILLTheme.txt
john -show oral-pfile1 >> CCBILLTheme.txt

The >> in the john command means to "append" to a file, or add to the end of the file.

Once you've made your lists, you will need to de-dupe them and remove the lines that have "password cracked" or "passwords cracked"

Raptor is probably what you'll want to use because you can create a Filter and it has a de-duper

Last edited by Jayman; 03-28-2005 at 03:19 AM..
  Reply With Quote

Old 04-06-2005, 03:11 PM   #10
tommyle88
Special Friend
 
tommyle88's Avatar
 
tommyle88 is offline Offline
Join Date: Jan 2005
Location: mIRC
Posts: 763
Threads: 22
tommyle88 is on a distinguished road
Default

Nice job !
__________________
Next Time No More Mr. Nice Guy
  Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump



All times are GMT -4. The time now is 09:55 PM.


vBulletin skin developed by: Xisp.org Crew
Powered by vBulletin®
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
2005 Copyright Xisp.org