John the Ripper cracking with masking

We can use masking to target specific patterns without a wordlist. Masks follow a simple syntax where each character pattern type is defined with either a range or a placeholder with a question mark. For example, an uppercase (ASCII) letter would be defined with ?u, which would then be placed in the desired character position. Let's look at some examples:

We can skip the wordlist flag, but we still define the hash format and the input file:

A special type of masking is stacking, where we hybridize dictionary cracking with masking. The syntax is like ordinary masking, except our placeholder ?w defines the individual word in the list. For example, defining a wordlist with --wordlist= and then defining a mask of ?w?d?d?d?d would take an individual word from the wordlist and look for all combinations of that word with four digits on the end.