John the Ripper is a free password cracking software tool. Originally developed for the Unix operating system, it can run on fifteen different platforms (eleven of which are architecture-specific versions of Unix, DOS, Win32, BeOS, and OpenVMS). It is among the most frequently used password testing and breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker. It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix versions (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL, and others.
Sample output
Here is a sample output in a Debian environment.
$ cat pass.txt
user:AZl.zWwxIh15Q
$ john -w:password.lst pass.txt
Loaded 1 password hash (Traditional DES 4/32 4K
example (user)
guesses: 1 time: 0:00:00:00 100% c/s: 752 trying: 12345 - pookie
The first line is a command to display the data stored in the file "pass.txt". The next line is the contents of the file, i.e. the user (AZl) and the hash associated with that user (zWwxIh15Q). The third line is the command for running John the Ripper utilizing the "-w" flag. "password.lst" is the name of a text file full of words the program will use against the hash; pass.txt makes another appearance as the file we want John to work on.
Then we see output from John working. Loaded 1 password hash (the one we saw with the "cat" command) and the type of hash John thinks it is (Traditional DES). We also see that the attempt required one guess at a time of 0 with a 100% guess rate.
Attack types
One of the modes John can use is the dictionary attack. It takes text string samples (usually from a file, called a wordlist, containing words found in a dictionary or real passwords cracked before), encrypts each in the same format as the password being examined (including both the encryption algorithm and key), and compares the output to the encrypted string. It can also perform a variety of alterations to the dictionary words and try these. Many of these alterations are also used in John's single attack mode, which modifies an associated plaintext (such as a username with an encrypted password) and checks the variations against the hashes.
John also offers a brute force mode. In this type of attack, the program goes through all the possible plaintexts, hashing each one and then comparing it to the input hash. John uses character frequency tables to try plaintexts containing more frequently used characters first. This method is useful for cracking passwords that do not appear in dictionary wordlists, but it takes a long time to run.
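The wordlist and single modes described above can be sketched as a password audit an administrator runs over their own account records. This is an added example, not John the Ripper's code: the salted SHA-256 storage format, the small alteration set in `mangle`, and all names and sample records are assumptions made for illustration.

```python
import hashlib

def hash_password(password: str, salt: str) -> str:
    """Stand-in storage format (assumption): hex SHA-256 of salt + password."""
    return hashlib.sha256((salt + password).encode()).hexdigest()

def mangle(word: str):
    """Yield a word plus a few common alterations (illustrative rule set)."""
    seen = set()
    for base in (word, word.lower(), word.capitalize(), word[::-1]):
        for suffix in ("", "1", "123", "!"):
            cand = base + suffix
            if cand not in seen:
                seen.add(cand)
                yield cand

def audit(records, wordlist):
    """Return {user: (mode, guess)} for accounts whose password is guessable.

    records: iterable of (user, salt, stored_hash) tuples.
    """
    weak = {}
    for user, salt, stored in records:
        # "single"-style pass first (candidates derived from the account
        # name), then the dictionary pass over the wordlist.
        for mode, words in (("single", [user]), ("wordlist", wordlist)):
            # Each candidate is hashed with this record's own salt, i.e. in
            # the same format as the stored value, and then compared.
            hit = next((c for w in words for c in mangle(w)
                        if hash_password(c, salt) == stored), None)
            if hit is not None:
                weak[user] = (mode, hit)
                break
    return weak

# Constructed sample data, for illustration only.
WORDLIST = ["12345", "password", "example", "pookie"]
RECORDS = [
    ("alice", "a1", hash_password("Example123", "a1")),   # wordlist + alteration
    ("bob", "b2", hash_password("bob!", "b2")),           # derived from username
    ("carol", "c3", hash_password("v9#Lq2$zTw", "c3")),   # not guessable here
]

if __name__ == "__main__":
    for user, (mode, guess) in audit(RECORDS, WORDLIST).items():
        print(f"{user}: weak password found by {mode} pass: {guess}")
```

Accounts the audit flags are candidates for a forced password change; an account that is not flagged only shows that its password is outside this wordlist and rule set.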
See also
* Brute-force search
* Brute-force attack
* Crack (password software)