Nous donne :
John the Ripper password cracker, version 1.7.0.1
Copyright (c) 1996-2006 by Solar Designer
Homepage:
http://www.openwall.com/john/Usage: john-386 [OPTIONS] [PASSWORD-FILES]
--single "single crack" mode
--wordlist=FILE --stdin wordlist mode, read words from FILE or stdin
--rules enable word mangling rules for wordlist mode
--incremental[=MODE] "incremental" mode [using section MODE]
--external=MODE external mode or word filter
--stdout[=LENGTH] just output candidate passwords [cut at LENGTH]
--restore[=NAME] restore an interrupted session [called NAME]
--session=NAME give a new session the NAME
--status[=NAME] print status of a session [called NAME]
--make-charset=FILE make a charset, FILE will be overwritten
--show show cracked passwords
--test perform a benchmark
--users=[-]LOGIN|UID[,..] [do not] load this (these) user(s) only
--groups=[-]GID[,..] load users [not] of this (these) group(s) only
--shells=[-]SHELL[,..] load users with[out] this (these) shell(s) only
--salts=[-]COUNT load salts with[out] at least COUNT passwords only
--format=NAME force ciphertext format NAME: DES/BSDI/MD5/BF/AFS/LM
--save-memory=LEVEL enable memory saving, at LEVEL 1..3
--incremental[=MODE] "incremental" mode [using section MODE]
mhmm... interressant !
Et voila une attaque incremental !
6. The most powerful cracking mode in John is called "incremental" (not a proper name, but kept for historical reasons). You can simply run:
john --incremental mypasswd
or:
john -i mypasswd
This will use the default "incremental" mode parameters, which are defined in the configuration file's section named either [Incremental:All] (for most hash types) or [Incremental:LanMan] (for Windows LM hashes). By default, the [Incremental:All] parameters are set to use the full printable US-ASCII character set (95 characters) and to try all possible password lengths from 0 to 8. [Incremental:LanMan] is similar, except that it takes advantage of LM hashes being case-insensitive and of their halves limited to 7 characters each.
Don't expect "incremental" mode sessions to terminate in a reasonable time (unless all the passwords are weak and get cracked), read MODES for an explanation of this.
In some cases it is faster to use some other pre-defined incremental mode parameters and only crack simpler passwords, from a limited character set. The following command will try 26 different characters only, passwords from "a" to "zzzzzzzz" (in an optimal order):
john -i=alpha mypasswd
Of course, you can use most of the additional features demonstrated above for wordlist mode with "incremental" mode as well. For example, on a large-scale penetration test, you may have John crack only root (UID 0) accounts in a set of password files:
john -i -u=0 *.pwd
Et pour finir voici les sources :
http://www.openwall.com/john/doc/EXAMPLES.shtml