John the Ripper

Usage

john -wordlist:<wordlist path> <hash file>

The default wordlist is at /usr/share/john/password.lst.

Formats

http://pentestmonkey.net/cheat-sheet/john-the-ripper-hash-formats

Unshadow

Use unshadow to combine linux passwd and shadow files into a single file that john understands.

unshadow <PASSWD> <SHADOW>

Enhanced capabilities

More formats: Install jumbo hotfix in order to add compatibility for additional hash formats.

Better performance: Re-compile using more modern CPU flags to drasticly improve perfs (SSE2).

Metasploit Module

Use the auxiliary/analyze/jtr_crack_fast msf module to run john on the creds database.