JtR
Installation
Original
John The Ripper (JtR) is developed as part of the Openwall project and can be obtained via CVS:
cvs -d :pserver:anoncvs@anoncvs.owl.openwall.com/cvs login # CVS password: anoncvs
cvs -d :pserver:anoncvs@anoncvs.owl.openwall.com/cvs co Owl/packages/john
mv Owl/packages/john/john john-cvs && rm -rf Owl
cd john-cvs
cvs update
Build with:
sudo apt-get install libssl-dev # Debian
sudo dnf install openssl-devel # Fedora
cd src
make # Help text will be displayed
make linux-x86-64
Or, if openssl has been installed somewhere else:
make linux-x86-64 JOHN_CFLAGS=-I/opt/openssl/include NSS_LDFLAGS=-L/opt/openssl/lib
$ ls -lgo ../run/john
-rwxr-xr-x 1 235432 Sep 19 19:36 ../run/john
Jumbo
A more current version can be found elsewhere:
git clone https://github.com/magnumripper/JohnTheRipper.git jtr-git
Build with:
sudo apt-get install libssl-dev libgmp3-dev # Debian
sudo dnf install openssl-devel gmp-devel # Fedora
cd jtr-git/src
./configure && make clean && make
For some reason, make install did not work, so we have to copy some configuration files manually:
FIXME
sudo mkdir -p /opt/jtr/share/john/ && sudo cp ../run/*.conf /opt/jtr/share/john/ && sudo mv ../run/* /opt/jtr/
sudo chown -cR root:root /opt/jtr/ && sudo chmod -c a+rX /opt/jtr/ && sudo find /opt/jtr/ -executable | sudo xargs chmod -c a+rx
Notes:
- On MacOS X it may be necessary to use CC=/usr/bin/gcc if another GCC installation is preferred but broken.
- On MacOS, libm and libpthread may not be supported[1][2] and we have to convince configure to omit those switches:
diff --git a/src/configure b/src/configure index eefc31a..4c34493 100755 --- a/src/configure +++ b/src/configure @@ -9451,10 +9451,7 @@ $as_echo "#define HAVE_LIBM 1" >>confdefs.h M_LIBS=-lm else - { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 -$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} -as_fn_error 1 "JtR requires libm being installed -See \`config.log' for more details" "$LINENO" 5; } + M_LIBS= fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for deflate in -lz" >&5 @@ -10469,7 +10466,7 @@ case ${host_os} in ;; darwin*) - ax_pthread_flags="-pthread $ax_pthread_flags" + ax_pthread_flags="$ax_pthread_flags" ;; esac
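Review bot: in the first hunk (else branch of the libm check), replacing the as_fn_error call with M_LIBS= turns a missing libm into a silent success on every host, not only on macOS. Consider keeping the error and setting M_LIBS= only when ${host_os} matches darwin*, the way the second hunk's case statement already distinguishes hosts. Note also that src/configure is generated autoconf output (the $as_echo and as_fn_error lines), so the edit is lost as soon as configure is regenerated; the change belongs in the autoconf input.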
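Review bot: in the second hunk (darwin* arm), ax_pthread_flags="$ax_pthread_flags" is a self-assignment that does nothing. Delete the line and leave a comment in the arm saying why -pthread is not prepended on macOS, so that a later reader does not restore it.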
Usage
Let's crack some Unix passwords first. While john can read Linux shadow files just fine, there's unshadow to generate a standard passwd file from it:
sudo getent shadow | grep '\$' > file.shadow # Only output entries with a password set
../run/unshadow /etc/passwd file.shadow | grep '\$' > file.passwd
Let's run john without any parameters:
$ ../run/john file.passwd
Warning: detected hash type "sha512crypt", but the string is also recognized as "crypt"
Use the "--format=crypt" option to force loading these as that type instead
Loaded 5 password hashes with 5 different salts (sha512crypt, crypt(3) $6$ [SHA512 64/64 OpenSSL])
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
dummy (passw0rd)
joe (secr3t)
2g 0:00:00:50 15.38% 2/3 (ETA: 19:30:09) 0.03956g/s 635.2p/s 1557c/s 1557C/s 1simone..1bridges
2g 0:00:01:26 25.52% 2/3 (ETA: 19:30:21) 0.02309g/s 580.7p/s 1538c/s 1538C/s rescue9..trombone9
2g 0:00:10:57 3/3 0.003041g/s 523.2p/s 1543c/s 1543C/s 042212..043177
2g 0:00:11:32 3/3 0.002887g/s 523.4p/s 1544c/s 1544C/s 012824..014461
2g 0:00:16:27 3/3 0.002025g/s 512.1p/s 1518c/s 1518C/s jj0495..jjmche
The FAQ explains the status messages a bit more:
- successful guess count
- session duration (D:HH:MM:SS)
- progress indicator (percent done and optionally pass number out of the total number of passes)
- g/s is successful guesses per second (so it'll stay at 0 until at least one password is cracked)
- p/s is candidate passwords tested per second
- c/s is "crypts" (password hash or cipher computations) per second
- C/s is combinations of candidate password and target hash per second.
- current (range of) candidate password(s) being tested
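The status fields listed above can be pulled out of a captured session with a short parser, for example to log the progress of a password audit. This is an added example, not code from the original page or from the JtR project; the names parse_status and parse_log, the handling of a K/M/G suffix on large rates, and the last sample line are assumptions made for illustration.

```python
import re
from datetime import timedelta

_MULT = {"": 1, "K": 1e3, "M": 1e6, "G": 1e9}  # assumption: large rates carry a K/M/G suffix

def _rate(unit):
    # One rate field such as 635.2p/s, with an optional multiplier suffix.
    return rf"(?P<{unit}>[\d.]+)(?P<{unit}_mul>[KMG]?){unit}/s"

STATUS_RE = re.compile(
    r"^(?P<guesses>\d+)g\s+"                                  # successful guess count
    r"(?P<d>\d+):(?P<h>\d\d):(?P<m>\d\d):(?P<s>\d\d)\s+"      # duration D:HH:MM:SS
    r"(?:(?P<pct>[\d.]+)%\s+)?"                               # percent done (optional)
    r"(?:(?P<pass_no>\d+)/(?P<passes>\d+)\s+)?"               # pass x of y (optional)
    r"(?:\(ETA:\s*(?P<eta>[^)]*)\)\s+)?"                      # ETA (optional)
    + r"\s+".join(_rate(u) for u in "gpcC")                   # g/s p/s c/s C/s
    + r"(?:\s+(?P<cand>.+))?$"                                # candidate (range)
)

def parse_status(line):
    """Parse one john status line into a dict; return None for any other line."""
    m = STATUS_RE.match(line.strip())
    if m is None:
        return None
    first, _, last = (m["cand"] or "").partition("..")
    return {
        "guesses": int(m["guesses"]),
        "elapsed": timedelta(days=int(m["d"]), hours=int(m["h"]),
                             minutes=int(m["m"]), seconds=int(m["s"])),
        "percent": float(m["pct"]) if m["pct"] else None,
        "pass": (int(m["pass_no"]), int(m["passes"])) if m["pass_no"] else None,
        "eta": m["eta"],
        "rates": {u + "/s": float(m[u]) * _MULT[m[u + "_mul"]] for u in "gpcC"},
        "candidates": (first, last or first),
    }

def parse_log(text):
    """Return the parsed status lines of a captured session, skipping other output."""
    return [s for s in map(parse_status, text.splitlines()) if s]

# Lines copied from the session above; the last line is constructed.
SAMPLE = """\
Will run 8 OpenMP threads
2g 0:00:00:50 15.38% 2/3 (ETA: 19:30:09) 0.03956g/s 635.2p/s 1557c/s 1557C/s 1simone..1bridges
2g 0:00:10:57 3/3 0.003041g/s 523.2p/s 1543c/s 1543C/s 042212..043177
0g 0:00:00:03 3/3 0g/s 24163Kp/s 24163Kc/s 24163KC/s aaaaaa..zzzzzz
"""

if __name__ == "__main__":
    print(*parse_log(SAMPLE), sep="\n")
```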
Links
Reading list
- Re: ssh known_hosts support? (2014-07-02)
- How the Bible and YouTube are fueling the next frontier of password cracking (2013-10-08)
- How I became a password cracker (2013-03-24)
- How a security ninja cracked the password guarding his most valued assets (2013-02-09)
- 25-GPU cluster cracks every standard Windows password in <6 hours (2012-12-09)
- Bruteforcing SSH Known_Hosts Files (2010-11-03)