This README provides detailed explanations with examples and use-cases for advanced John the Ripper (JtR) options.
By the end, you’ll have a complete handbook for mastering wordlist, rules, PRINCE, Markov, Subsets, Incremental, comparisons, and more.
Hello! I am Muhammad Saqlain Shoukat also known as Dark Wolf founder and developer of Coding Chat Room, a passionate learner and creator in the field of Cybersecurity, Programming, and DevSecOps.
🔹 My mission is to make complex technical concepts simple and easy so that students and professionals can learn without confusion.
🔹 On my platforms, I share tutorials, study notes, and practical tips about Linux, Ethical Hacking, Development, Programming and Cybersecurity.
🔹 I believe in learning by sharing — the more we teach, the more we grow.
john [options] [password-hash-file]
Use a dictionary file to try possible passwords.
john --wordlist=rockyou.txt password.txt
Useful when you already have a list of leaked or common passwords to try.
Rules modify words from a wordlist (adding numbers, symbols, uppercase, etc).
john --wordlist=mylist.txt --rules password.txt
If your list has wolf, rules will also test Wolf123, wolf@, WOLF.
You can create your own rules file.
$@123
This appends @123 to every word.
john --wordlist=mylist.txt --rules=custom.rule password.txt
To generate company-specific password patterns like Password@2025.
PRINCE recombines words from your wordlist into new combinations.
john --prince=rockyou.txt password.txt
If your list has wolf and queen, PRINCE will try wolfqueen, queenwolf, wolfwolfqueen, etc.
--prince-limit=N→ Limit generated candidates--prince-elem-cnt-min=N→ Minimum words per password--prince-elem-cnt-max=N→ Maximum words per password
john --prince=rockyou.txt --prince-elem-cnt-max=3 password.txt
Control complexity when targeting long but structured passwords like darkwolfqueen.
Markov chains generate passwords based on probability of character sequences.
john --markov password.txt
Prioritizes likely passwords (wolf123) instead of random ones (xq7&z9).
--markov=range→ Defines complexity--markov-threshold=N→ Only test passwords above a probability threshold
john --markov=200 password.txt
Efficient for guessing natural-looking passwords instead of wasting time.
Tests all possible combinations of a given character set.
john --subsets=digits password.txt
Perfect for numeric-only passwords like PINs (1234, 9876).
The most powerful mode — brute force with patterns.
john --incremental=All password.txt
Exhaustive brute-force when all else fails.
--incremental=Alpha→ only letters--incremental=Digits→ only numbers--incremental=All→ all characters
john --incremental=Digits password.txt
To crack PINs or numeric-only passwords.
Custom cracking rules with scripts.
john --external=filter_ascii password.txt
Apply custom filters (like forcing lowercase or skipping symbols).
Define patterns manually.
john --mask=?d?d?d?d password.txt
(?d = digit, so this tries all 4-digit PINs)
Targeted brute force when you know password format.
Combine wordlist + mask.
john --wordlist=mylist.txt --mask=?d?d password.txt
If wolf is in your list, it will try wolf12, wolf99.
When you know people append years or digits.
--show→ Show cracked passwords--test→ Benchmark performance
john --show password.txt
john --test
Check results and measure hash cracking speed.
Pause/resume attacks.
john --session=myattack --wordlist=rockyou.txt password.txt
john --restore=myattack
Run long attacks without losing progress.
JtR saves cracked hashes in a pot file (john.pot).
cat ~/.john/john.pot
To re-use already cracked hashes in future runs.
john --format=sha512crypt hash.txt
Faster cracking by targeting specific algorithms.
john --test --format=md5
See how fast your system cracks a specific algorithm.
john --wordlist=mylist.txt --rules --stdout | head
Preview transformed passwords before running full attack.
- Wi-Fi Cracking: Use wordlist + rules for WPA handshakes
- CTFs: Use Markov to guess natural passwords
- Company Audit: Custom rules like
Company@2025 - PINs: Use subsets or masks for 4-6 digit PINs
- Exhaustive Attack: Incremental mode when nothing else works
- Wordlist + Rules: Real-world common passwords
- PRINCE: Recombination of words
- Markov: Smart probability-based guesses
- Subsets: Digits-only or limited set
- Incremental: Full brute force
- Mask: Custom patterns
- Sessions: Save & restore progress
Always start with wordlist + rules, then escalate to PRINCE/Markov, and use Incremental only as a last resort.
If you found this helpful and want to learn more about hacking resources, cybersecurity, and coding, follow me here and Star this Resporatory:
- 🎥 YouTube: Coding Chat Room
- 📸 Instagram: @codingchatroom
- 💻 GitHub: Coding Chat Room
💡 I share tutorials, tips, and resources to make learning cybersecurity and coding easier.
Don’t forget to subscribe & follow for more updates and Star this Resporatory 🚀