Today I was going through a new box on Hack the Box when I ran across an issue with ‘john‘ and ‘Warning: invalid UTF-8‘ causing a valid hash to not be found. I felt this deserved a dedicated article as if I hadn’t run hashcat locally and then validated the issue this could have caused me to be indefinitely stuck.

As you can see from the screenshots below I was attempting to decrypt a bcrypt hash found inside a userdb. Using the --w flag instead of --wordlist= pulled up the following error – Warning: invalid UTF-8 seen reading /usr/share/wordlists/rockyou.txt after which the program ran as normal but found no hash.

john bcrypt hash saying ‘not found’.

john bcrypt hash saying ‘found’ after using a slightly different syntax.

I have been using the -w flag for a while now without issue. Guess I will need to undo that habit going forward. Hope this helps someone else.