JOHN THE RIPPER


'John the Ripper' is a free password cracking software tool. Initially developed for the UNIX operating system, it currently runs on fifteen different platforms (11 architecture-specific flavors of Unix, DOS, Win32, BeOS, and OpenVMS). It is one of the most popular password testing/breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customisable cracker. It can be run against various encrypted password formats including several crypt password hash types most commonly found on various Unix flavors (based on DES, MD5, or Blowfish), Kerberos AFS, and Windows NT/2000/XP/2003 LM hash. Additional modules have extended its ability to include MD4-based password hashes and passwords stored in LDAP, MySQL and others.

Contents
Sample output
Attack types
See also
External links

Sample output


Here is a sample output in a Debian GNU/Linux environment.
root@0[john-1.6.37]# cat pass.txt
user:AZl.zWwxIh15Q
root@0[john-1.6.37]# john -w:password.lst pass.txt
Loaded 1 password hash (Traditional DES [24/32 4K])
example (user)
guesses: 1 time: 0:00:00:00 100% c/s: 752 trying: 12345 - pookie

Attack types


One of the modes John can use is the dictionary attack. It takes text string samples (usually from a file, called a ''wordlist'', containing words found in a dictionary), encrypting it in the same format as the password being examined (including both the encryption algorithm and key), and comparing the output to the encrypted string. It can also perform a variety of alterations to the dictionary words and try these. Many of these alterations are also used in John's single attack mode, which modifies an associated plaintext (such as a username with an encrypted password) and checks the variations against the encrypted hashes.
John also offers a brute force mode. In this type of attack, the program goes through all the possible plaintexts, hashing each one and comparing it to the input hash. John uses character frequency tables to try plaintexts containing more frequently-used characters first. This method is useful for cracking passwords which do not appear in dictionary wordlists, but it does take a long time (for all practical purposes, forever) to run.

See also



Openwall Project

Password cracking

Brute-force search

Computer hacking

External links



Official page for John the Ripper

Unofficial John the Ripper patches

Distributed John (DJohn) - distributed cracking over several machines

John the Ripper 1.7 Released

John the Ripper 1.7.2 Released

Running John on dual core or multi CPU machines

This article provided by Wikipedia. To edit the contents of this article, click here for original source.

psst.. try this: add to faves
Featured Companies
Vacation By VVacation By V
Newest Companies
Hotel Valley Ho (Caf ZuZu, VH Spa)Hotel Valley Ho (Caf ZuZu, VH Spa)
Scottsdale CVBScottsdale CVB
Interpro Travel Services Inc.Interpro Travel Services Inc.
traverse jamaicatraverse jamaica
Pelican Executive SuitesPelican Executive Suites
Time Out for Touring Inc.Time Out for Touring Inc.
Travelonly - Dave CorlessTravelonly - Dave Corless
Travelonly - Allan JenkinsTravelonly - Allan Jenkins
Heavenly Paradise GetawaysHeavenly Paradise Getaways
Temptation Resort Spa CancunTemptation Resort Spa Cancun
discover more →
©2009 TripAtlas.com