John-The-Ripper
John The Ripper
Description
John The Ripper is a password cracker available for many operating systems.
Installation
$ cd /data/src/
$ wget http://www.openwall.com/john/g/john-1.7.6.tar.gz
$ tar xzvf john-1.7.6.tar.gz
$ cd john-1.7.6/
$ cd src/
$ make
To build John the Ripper, type:
        make clean SYSTEM
where SYSTEM can be one of the following:
linux-x86-64             Linux, x86-64 with SSE2 (best)
linux-x86-sse2           Linux, x86 with SSE2 (best if 32-bit)
linux-x86-mmx            Linux, x86 with MMX
linux-x86-any            Linux, x86
linux-alpha              Linux, Alpha
linux-sparc              Linux, SPARC 32-bit
linux-ppc32-altivec      Linux, PowerPC w/AltiVec (best)
linux-ppc32              Linux, PowerPC 32-bit
linux-ppc64              Linux, PowerPC 64-bit
linux-ia64               Linux, IA-64
freebsd-x86-64           FreeBSD, x86-64 with SSE2 (best)
freebsd-x86-sse2         FreeBSD, x86 with SSE2 (best if 32-bit)
freebsd-x86-mmx          FreeBSD, x86 with MMX
freebsd-x86-any          FreeBSD, x86
(...truncated...)
From the output of the last command, take the line that corresponds to your system and enter (replace "linux-x86-any" with the one you selected):
$ make clean linux-x86-any
You can now test your installation by issuing:
$ cd ../run
$ ./john --test
How to use?
Crack passwords
To crack /etc/passwd (or /etc/shadow), enter:
$ ./john /etc/shadow
Loaded 2 password hashes with 2 different salts (FreeBSD MD5 [32/32])
Another example against a .htpasswd file:
$ ./john /usr/local/wwwpass/.htpasswd
Loaded 3 password hashes with 3 different salts (Traditional DES [24/32 4K])
Note
To abort a session, press ^C. You can then resume the session later, since a temporary file has been created.
Resume a session
A previous session can be restored thanks to the john.rec file. To restore a session, issue:
$ ./john --restore
Retrieve cracked passwords
To retrieve cracked passwords (in this example, no password has been cracked; the session was aborted):
$ ./john --show /etc/shadow
0 password hashes cracked, 2 left
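For a password audit, the --show output can be reduced to a list of affected accounts so that recovered passwords never end up in a report. The script below is an added example, not part of the original page or of John the Ripper; the function names, the sample data and the exit-code convention are assumptions, and it expects "login:password:..." lines followed by the summary line shown above.

```shell
#!/bin/sh
# Added example (not from the original page): audit summary of `john --show`.
# Assumed input: "login:password:other fields" per cracked hash, a blank
# line, then "N password hashes cracked, M left".

# Constructed sample of `john --show` output, used by --demo and the tests.
sample_show_output() {
    cat <<'EOF'
alice:summer2010:14610:0:99999:7:::
bob:letmein:14611:0:99999:7:::

2 password hashes cracked, 1 left
EOF
}

# Read `john --show` output on stdin. Print one line per account whose
# password was recovered (never the password itself), then a summary.
# Exit status: 0 = nothing cracked, 1 = weak passwords found, 2 = bad input.
audit_show() {
    awk -F: '
        /^[0-9]+ password hash(es)? cracked, [0-9]+ left$/ {
            k = split($0, w, " ")
            cracked = w[1] + 0; left = w[k - 1] + 0
            seen_summary = 1
            next
        }
        NF >= 2 && $1 != "" {      # login is field 1; field 2 is dropped
            printf "WEAK account=%s\n", $1
            listed++
        }
        END {
            if (!seen_summary) { print "ERROR no summary line"; exit 2 }
            printf "SUMMARY cracked=%d left=%d listed=%d\n", cracked, left, listed
            exit (cracked > 0 ? 1 : 0)
        }
    '
}

# Real use: ./john --show /etc/shadow | audit_show
if [ "${1:-}" = "--demo" ]; then
    sample_show_output | audit_show
fi
```

The non-zero exit status lets a scheduled audit job raise an alert whenever at least one account password was recovered.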