John the ripper

«Incremental» mode.

This is the most powerful cracking mode, it can try all possible
character combinations as passwords. However, it is assumed that
cracking with this mode will never terminate because of the number of
combinations being too large (actually, it will terminate if you set a
low password length limit or make it use a small charset), and you’ll
have to interrupt it earlier.

That’s one reason why this mode deals with trigraph frequencies,
separately for each character position and for each password length,
to crack as many passwords as possible within a limited time.

To use the mode you need a specific definition for the mode’s
parameters, including password length limits and the charset to use.
These parameters are defined in the configuration file sections called
, where MODE is any name that you assign to the mode
(it’s the name that you will need to specify on John’s command line).
You can either use a pre-defined incremental mode definition or define a
custom one.

As of version 1.8.0, pre-defined incremental modes are «ASCII» (all 95
printable ASCII characters), «LM_ASCII» (for use on LM hashes), «Alnum»
(all 62 alphanumeric characters), «Alpha» (all 52 letters), «LowerNum»
(lowercase letters plus digits, for 36 total), «UpperNum» (uppercase
letters plus digits, for 36 total), «LowerSpace» (lowercase letters plus
space, for 27 total), «Lower» (lowercase letters), «Upper» (uppercase
letters), and «Digits» (digits only). The supplied .chr files include
data for lengths up to 13 for all of these modes except for «LM_ASCII»
(where password portions input to the LM hash halves are assumed to be
truncated at length 7) and «Digits» (where the supplied .chr file and
pre-defined incremental mode work for lengths up to 20). Some of the
many .chr files needed by these pre-defined incremental modes might not
be bundled with every version of John the Ripper, being available as a
separate download.

See CONFIG and EXAMPLES for information on defining custom modes.

Help! I can’t run John.

If you’re not familiar with your OS, you should probably not be using
John in the first place since John is primarily a tool for system
administrators. This is starting to change with the «community
enhanced» -jumbo versions’ support for things such as password-protected
archives, though.

Here are the answers to a few (not very) common questions to avoid
having them asked over and over and for amusement. For more serious
matters, please skip over to the next section.

Q: When I type «john» (or «john passwd», etc.), it says «command not
found» (or equivalent)?!
A: The examples given in John the Ripper documentation assume that you
know how to invoke newly-built programs from your shell. On Unix-like
systems, it is typical to not have «.» (the current directory) in your
$PATH (the list of directories to search for programs). In that case,
you need to type «./john» (dot, slash, and «john», without the quotes)
to invoke the John binary executable located in the current directory.

Q: …but I am on a Unix-like system and I don’t seem to readily have a
John binary executable.
A: Please follow the instructions in INSTALL.

Q: When I double-click on «john.exe», a window flashes and disappears?!
A: You’re not supposed to click. You’re supposed to run John from a
command-line shell. On Windows, some of those shells would be cmd.exe,
command.com, or bash (the latter is available with Cygwin).

How to use.

To run John, you need to supply it with some password files and
optionally specify a cracking mode, like this, using the default order
of modes and assuming that «passwd» is a copy of your password file:

	john passwd

or, to restrict it to the wordlist mode only, but permitting the use
of word mangling rules:

	john --wordlist=password.lst --rules passwd

Cracked passwords will be printed to the terminal and saved in the
file called $JOHN/john.pot (in the documentation and in the
configuration file for John, «$JOHN» refers to John’s «home
directory»; which directory it really is depends on how you installed
John). The $JOHN/john.pot file is also used to not load password
hashes that you already cracked when you run John the next time.

To retrieve the cracked passwords, run:

	john --show passwd

While cracking, you can press any key for status, or ‘q’ or Ctrl-C to
abort the session saving its state to a file ($JOHN/john.rec by
default). If you press Ctrl-C for a second time before John had a
chance to complete handling of your first Ctrl-C, John will abort
immediately without saving. By default, the state is also saved every
10 minutes to permit for recovery in case of a crash.

To continue an interrupted session, run:

	john --restore

These are just the most essential things you can do with John. For
a complete list of command line options and for more complicated usage
examples you should refer to OPTIONS and EXAMPLES, respectively.

Please note that «binary» (pre-compiled) distributions of John may
include alternate executables instead of just «john». You may need to
choose the executable that fits your system best, e.g. «john-omp» to
take advantage of multiple CPUs and/or CPU cores.

PersonalityEdit

John had a cold personality and was known for murdering for sport, he was famous around Whitechapel and the surrounding areas of London for this. He further showed no remorse for those that betray him and expelled his own nephew, Jason, from London in The Landlord’s Daughter.

He did show some compassion towards Alfred Pennyworth following Esme’s murder, and approached him with information pertaining to her death. Surprisingly, John wanted something in return for the information and demanded that Alfred assassinate Julian Thwaite in return. He further showed no emotional attachment to Undine, simply leaving when she was murdered without expressing grief at her death.

Собираем «John the Ripper»

Шаг 1: Скачаем последнюю версию «John the Ripper» и его подпись

$ wget http://www.openwall.com/john/g/john-1.7.9.tar.bz2
$ wget http://www.openwall.com/john/g/john-1.7.9.tar.bz2.sign
$ wget http://www.openwall.com/signatures/openwall-signatures.asc

Шаг 2: Подтвердим подпись

Это необходимая мера безопасности, поскольку мы имеем дело с опасной вещью.

Для этого установим открытый ключ:

$ pgp -ka openwall-signatures.asc

И проверим подпись:

$ pgp john-1.7.9.tar.bz2.sign john-1.7.9.tar.bz2
gpg: Signature made Wed 23 Nov 2011 01:38:48 PM CAT using RSA key ID 295029F1
gpg: Good signature from "Openwall Project <signatures@openwall.com>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0C 29 43 AE 1E CD 24 EA  6E 0C B6 EE F5 84 25 69

Мы должны увидеть, аналогичное вышеуказанному, сообщение

Обращаем внимание на строку Good signature from «Openwall Project … «, которая означает успешную проверку подписи

Шаг 3: Извлекаем и компилируем исходники

$ tar xvfj john-1.7.9.tar.bz2
$ cd john-1.7.9/src/
$ make
To build John the Ripper, type:
make clean <system>
where SYSTEM can be one of the following:
linux-x86-64-avx         Linux, x86-64 with AVX (2011+ Intel CPUs)
linux-x86-64-xop         Linux, x86-64 with AVX and XOP (2011+ AMD CPUs)
linux-x86-64             Linux, x86-64 with SSE2 (most common)
***

Находим в списке нашу систему и набираем:

$ make clean <system>

Где <system> — установленная у нас операционная система. В случае если Вы не нашли свою систему в списке, используйте:

$ make clean generic

Если все прошло успешно, вышеперечисленные действия приводят к созданию исполняемых файлов для Джона и связанных с ним утилит, в директории «../run/».

Также, Вы можете скопировать всю папку «run» куда угодно и запускать Джона оттуда.

Теперь мы можем перейти в директорию «../run/» и протестировать работу Джона:

$ cd ../run/
$ ./john --test
Many salts:	400332 c/s real, 400332 c/s virtual
Only one salt:	383795 c/s real, 391627 c/s virtual
---
Benchmarking: BSDI DES (x725) [32/32 BS]... DONE
Many salts:	13362 c/s real, 13388 c/s virtual
Only one salt:	13299 c/s real, 13299 c/s virtual
---
Benchmarking: FreeBSD MD5 [32/32 X2]... DONE
Raw:	9225 c/s real, 9225 c/s virtual
***

General options.

Some global options can be defined in the section. Currently,
you can set the following options:

Wordlist = FILENAME

Set this to your wordlist file name, to be used in batch mode (which is
activated when you start John with password files, but not specifying a
cracking mode). The default is «$JOHN/password.lst», that is, the file
named «password.lst» in John’s «home directory».

Idle = Y|N

If set to «Y» (yes), John will try to use idle processor cycles only,
thereby greatly reducing its impact on other system processes. The
impact on performance of John itself is negligible except on otherwise
overloaded systems. This setting does not affect John’s startup time
and non-cracking invocations of John; it only affects the actual
cracking. The default is «Y» (yes).

Starting with version 1.7.7, this setting is ignored for OpenMP-enabled
hash types when the actual number of threads is greater than 1.
Unfortunately, it did not work right at least with GNU libgomp on Linux.

Save = SECONDS

This is the time interval (in seconds) between crash recovery file
updates. The default is 600 seconds (10 minutes).

Beep = Y|N

If set to «Y» (yes), John will beep when a password is found. On
Unix-like systems, it does this by sending the bell character (ASCII
code 7) to the «standard error» file descriptor (which is normally
directed to the terminal). The default is «N» (no).

Description

Johnny is the cross-platform Open Source GUI frontend for the popular password cracker John the Ripper. It was originally proposed and designed by Shinnok in draft, version 1.0 implementation was achieved by Aleksey Cherepanov as part of GSoC 2012 and Mathieu Laprise took Johnny further towards 2.0 and beyond as part of GSoC 2015.

Johnny’s aim is to automate and simplify the password cracking routine with the help of the tremendously versatile and robust John the Ripper, as well as add extra functionality on top of it, specific to Desktop and GUI paradigms, like improved hash and password workflow, multiple attacks and session management, easily define complex attack rules, visual feedback and statistics, all of it on top of the immense capabilities and features offered by both JtR core/proper as well as jumbo.

John’s home

fopen: $JOHN/john.ini: No such file or directory
% touch john.ini

runjohn

(The program john wants to read john.conf,
and when that is not found it tries the alternative name john.ini,
and when that is not found it complains and exits.
Each invocation of john has a ‘home’, usually the directory where
its executable was found. It will write its output files john.log,
john.rec and john.pot there.
One might think that $JOHN refers to an environment variable
one can set to tell john where its home is, but it is only an
internal name; when run as somepath/john the program john
first tries open("somepath/john.conf", O_RDONLY) and, if that fails,
open("$JOHN/john.conf", O_RDONLY), where $JOHN/ is
not expanded but is just this 6-byte string. When run as john,
the current directory will be john‘s home.
Compile with -DJOHN_SYSTEMWIDE=1 to make it use ~/.john.
A useful side effect of systemwide installation is that tilde expansion
works in options like -w:~/dir/words.)

One can specify alternative locations for the configuration file
john.conf and the result file john.pot with the
--config= and --pot= options.

Features/Performance

  • Feature-rich and fast password cracking tool, with several cracking modes.
  • It allows you to define a custom cracking mode using the built-in compiler supporting a subset of C.
  • You can use same cracker everywhere, since John is available for different platforms, with possibility to continue a cracking session started on another platform.
  • This tool supports a lot of Unix crypt(3) hash types:
  • On Linux distributions with , John 1.7.6+ supports hashes, with optional OpenMP parallelization (requires GCC 4.2+).
  • On recent versions of Solaris, John 1.7.6+ supports and autodetects and hashes, also with optional OpenMP parallelization (requires GCC 4.2+ or recent Sun Studio).
  • John the Ripper Pro adds support for Windows NTLM (MD4-based) and Mac OS X 10.4+ salted SHA-1 hashes.
  • “Community enhanced” -jumbo versions add support for many more password hash types:
  • John the Ripper has its own highly optimized modules for different hash types and processor architectures.

Customizing John the Ripper.

John the Ripper’s behavior can be customized by editing its
configuration file. The configuration file can be named either
john.conf (on Unix-like systems) or john.ini (on systems which have a
notion of filename «extensions» and limit them to 3 characters).

This file is searched for in private John’s «home directory» and, if
not found in the private directory and John is installed system-wide,
also in John’s system-wide shared data files directory.

You can set global options, define wordlist and «single crack» mode
rules, define parameters for «incremental» modes, or even define a new
external cracking mode.

The configuration file consists of several sections. Each section
starts with a line containing its name, in brackets («»). Sections
consist either of «variable = value» assignments (each on its own line)
or of some other content specific to the particular section’s type
(names of such sections start with «List.»). Section and variable names
are not case sensitive. Comment lines start with a hash character («#»)
or a semicolon («;») and are ignored. Also ignored are any empty lines.

Other programs in Windows 10

Ascgen 2

free

ASCII Generator is a program that creates a plain text document from a graphic file. The creation of graphics and images with characters ASCII characters was very common in the era of BBS (Bulletin Board System). The BBS worked on…

GIMPShop

free

GIMPShop is a free software of free download and installation, for editing images. GIMPShop is an application based on GIMP to manipulate images and photos of all kinds. The interface of this graphic design script is very similar to other…

Image Analyzer

free

Image Analyzer is an application dedicated to the manipulation and the purification of images. The format in which Image Analyze is presented is quite simple, since its interface doesn’t complicate in anything to the user that is navigating for each…

MAME

free

MAME is a program that is able to emulate a large amount of arcade machines. Arcade rooms, lived its golden age at the early and mid-90s. In this type of rooms there were all kind of video games: platforms, fighting,…

BurnAware

free

BurnAware is freely downloadable disk burning software that stands out among other programs because of its capacity of Blu-ray and HD-DVD recording. BurnAware has an extremely simple interface that allows you to perform many operations, such as recording data disks,…

Notepad++

free

Notepad is for every user that has many work options in his programming, because even been showed up as a simples note pad it has many other functions. The interface showed by Notepad is quite simple, but efficient, since in…

Alcohol 120

paid

Alcohol 120 is a software that allows making copies of CDs and DVDs. CD and DVD discs are not used as much as the past decade, this is due to the ease of access to other storage media of higher capacity…

Media Player Classic Home Cinema

free

Media Player Classic Home Cinema is a file player that will change your point of view of how should we watch any kind of videos, because as being a very simple application it is shown with more interesting options than…

HeidiSQL

free

HeidiSQL is a small but potent tool well-known as «interface graph», which is very used to play the programmer’s roll. This application allows us to have a great handling on the computer database, having the option of negotiating data charts,…

PureVPN

free

PureVPN is software that protects our security and privacy while browsing online. Thanks to this software you can browse the web anonymouslya and you can choose different servers across the world to connect to Internet. Thus, although we are in…

Malwarebytes Anti-Exploit

paid

Malwarebytes Anti-Exploit is a software that protects Windows and its installed softwares against the potential weaknesses affecting them. Windows and its softwares installed in it might have some kind of vulnerability. A software is vulnerable when it can be used…

John the Ripper

free

John the Ripper is a very popular program made to decipher passwords, because of the simplicity of its playability and the multiple potential incorporated in its working. John the Ripper doesn’t need installation, it is only necessary to download the…

Incremental mode

johnjohnjohn

One can restrict the passwords tried to a given character set
(with given frequencies):

% john -i:digits passwdfile

(If you want to try longer numbers, it does not suffice
to edit john.conf and change MaxLen = 8
in the section:

% john -i:digits --format=raw-md5 todo
MaxLen = 9 exceeds the compile-time limit of 8

so a recompilation is required. But feeding john with these
numbers is easier:

% seq 999999999 | john -stdin --format=raw-md5 todo

Since we are going to try them all anyway, no statistics is needed.)

More generally, the -i:charset
option refers to the charset.chr file with symbol frequencies.
One can generate a charset file, maybe from a file of already cracked
passwords, using the --make-charset= option.

Character class commands.

sXY	replace all characters X in the word with Y
s?CY	replace all characters of class C in the word with Y
@X	purge all characters X from the word
@?C	purge all characters of class C from the word
!X	reject the word if it contains character X
!?C	reject the word if it contains a character in class C
/X	reject the word unless it contains character X
/?C	reject the word unless it contains a character in class C
=NX	reject the word unless character in position N is equal to X
=N?C	reject the word unless character in position N is in class C
(X	reject the word unless its first character is X
(?C	reject the word unless its first character is in class C
)X	reject the word unless its last character is X
)?C	reject the word unless its last character is in class C
%NX	reject the word unless it contains at least N instances of X
%N?C	reject the word unless it contains at least N characters of class C

Numeric constants and variables.

Numeric constants may be specified and variables referred to with the
following characters:

0...9	for 0...9
A...Z	for 10...35
*	for max_length
-	for (max_length - 1)
+	for (max_length + 1)
a...k	user-defined numeric variables (with the "v" command)
l	initial or updated word's length (updated whenever "v" is used)
m	initial or memorized word's last character position
p	position of the character last found with the "/" or "%" commands
z	"infinite" position or length (beyond end of word)

Here max_length is the maximum plaintext length supported for the
current hash type.

These may be used to specify character positions, substring lengths, and
other numeric parameters to rule commands as appropriate for a given
command. Character positions are numbered starting with 0. Thus, for
example, the initial value of «m» (last character position) is one less
than that of «l» (length).

Options

Usage (1.8.0): john  
--single|:rule)] "single crack" mode
--wordlist --stdin  wordlist mode, read words from FILE or stdin
                  --pipe   like --stdin, but bulk reads, and allows rules
--loopback          like --wordlist, but extract words from a .pot file
--dupe-suppression         suppress all dupes in wordlist (and force preload)
--prince            PRINCE mode, read words from FILE
--encoding=NAME            input encoding (eg. UTF-8, ISO-8859-1). See also
                           doc/ENCODINGS and --list=hidden-options.
--rules|:rule)]  enable word mangling rules for
                           wordlist or PRINCE modes
--incremental       "incremental" mode 
--mask              mask mode using MASK (or default from john.conf)                                                                                                                                                                                
--markov         "Markov" mode (see doc/MARKOV)                                                                                                                                                                                                  
--external=MODE            external mode or word filter                                                                                                                                                                                                    
--subsets        "subsets" mode (see doc/SUBSETS)                                                                                                                                                                                                
--stdout          just output candidate passwords                                                                                                                                                                                  
--restore           restore an interrupted session                                                                                                                                                                                     
--session=NAME             give a new session the NAME                                                                                                                                                                                                     
--status            print status of a session                                                                                                                                                                                          
--make-charset=utf-8        make a charset file. It will be overwritten                                                                                                                                                                                     
--show              show cracked passwords                                                                                                                                                                                
--test              run tests and benchmarks for TIME seconds each                                                                                                                                                                                  
--users=LOGIN|UID   load this (these) user(s) only                                                                                                                                                                                         
--groups=GID       load users  of this (these) group(s) only                                                                                                                                                                                  
--shells=SHELL     load users with this (these) shell(s) only                                                                                                                                                                                 
--salts=COUNT     load salts with COUNT  hashes                                                                                                                                                                                      
--costs=C     load salts with cost value Cn . For                                                                                                                                                                                 
                           tunable cost parameters, see doc/OPTIONS                                                                                                                                                                                        
--save-memory=LEVEL        enable memory saving, at LEVEL 1..3                                                                                                                                                                                             
--node=MIN/TOTAL     this node's number range out of TOTAL count
--fork=N                   fork N processes
--pot=NAME                 pot file to use
--list=WHAT                list capabilities, see --list=help or doc/OPTIONS
--devices=N           set OpenCL device(s) (see --list=opencl-devices)
--format=NAME              force hash of type NAME. The supported formats can
                           be seen with --list=formats and --list=subformats

Configuration file.

Please refer to CONFIG for general information on the configuration file
and its possible locations.

1. Let’s assume that you notice that in some password file a lot of
users have their passwords set to login names with «?!» appended. Then
you just make a new «single crack» mode rule (see RULES for information
on the syntax) and place it somewhere near the beginning:

	
	Az"?!"

Hint: if you want to temporarily disable all of the default rules, you
can simply rename the section to something John doesn’t use and define
a new one with the section’s old name, but be sure to leave the «List.»
prefix of the name intact to maintain correct configuration file syntax.

All the same applies to wordlist mode rules as well.

2. If you generate a custom charset file (described above) you will also
need to define a configuration file section with the «incremental» mode
parameters. In the simplest case it will be like this (where «Custom»
can be replaced with any name you like):

	
	File = custom.chr

This way, John will only use characters from passwords used to generate
the charset file only. To make John try some more characters, add:

	Extra = !@#$%

These extra characters will then be added, but still considered the
least probable. If you want to make sure that, with your extra
characters, John will try 95 different characters, you can add:

	CharCount = 95

This will make John print a warning if it only has fewer than 95
characters in its charset.

You can also use CharCount to limit the number of different characters
that John tries, even if the charset file has more:

	CharCount = 20

If you didn’t use any filters when generating the charset file, setting
CharCount this low will make John never attempt rare characters and
character combinations, not even for really short passwords, spending
the time on simple longer candidate passwords instead. However, the
default length switching is usually smart enough so that you shouldn’t
need this trick.

To make John try passwords of certain lengths only, use the following
lines:

	MinLen = 6
	MaxLen = 8

Setting «MinLen» high, as in the example above, is reasonable if shorter
passwords weren’t allowed to set on the machine you got the password file
from (however, note that root can usually set any password for any user
and there are often loopholes in operating systems’ password policy
enforcement capabilities).

On the contrary, you may want to set «MaxLen» low if you think there are
a lot of short passwords.

3. Another example: a lot of users at some site use short duplicated
words as their passwords, such as «fredfred». As the number of such
potential passwords is fairly low, it makes sense to code a new external
cracking mode that tries them all, up to some length.

You can find the actual implementation of such a cracking mode with lots
of comments in the default configuration file supplied with John.
Please refer to EXTERNAL for information on the programming language
used.

$Owl: Owl/packages/john/john/doc/EXAMPLES,v 1.11 2019/05/19 15:10:04 solar Exp $

Extra «single crack» mode commands.

When defining «single crack» mode rules, extra commands are available
for word pairs support, to control if other commands are applied to the
first, the second, or to both words:

1	first word only
2	second word only
+	the concatenation of both (should only be used after a "1" or "2")

If you use some of the above commands in a rule, it will only process
word pairs (e.g., full names from the GECOS field) and reject single
words. A «+» is assumed at the end of any rule that uses some of these
commands, unless you specify it manually. For example, «1l2u» will
convert the first word to lowercase, the second one to uppercase, and
use the concatenation of both. The use for a «+» might be to apply some
more commands: «1l2u+r» will reverse the concatenation of both words,
after applying some commands to them separately.

Speed

johnc/s-testc/s

Precise benchmark results depend strongly on the patch version of
john and on the chosen compile target. I find that the make
target linux-x86-64i produces a faster john than
linux-x86-64 (for MD5 and SHA1) in all cases I tried.

On some machine (Intel Core 2 Q9550 @ 2.83GHz):

% john -test
Benchmarking: Traditional DES [128/128 BS SSE2-16]... DONE
Many salts:     3137K c/s real, 3137K c/s virtual
Only one salt:  3020K c/s real, 3020K c/s virtual
...
Benchmarking: FreeBSD MD5 ... DONE
Raw:    32052 c/s real, 32052 c/s virtual
...
Benchmarking: dynamic_0: md5($p)  (raw-md5)  ... DONE
Raw:    21752K c/s real, 21752K c/s virtual
...

johnlist of
benchmarks

Cracking Passwords

John the Ripper’s primary modes to crack passwords are single crack mode, wordlist mode, and incremental. The single crack mode is the fastest and best mode if you have a full password file to crack. Wordlist mode compares the hash to a known list of potential password matches. Incremental mode is the most powerful and possibly won’t complete. This is your classic brute force mode that tries every possible character combination until you have a possible result.

The easiest way to try cracking a password is to let JtR go through a series of common cracking modes. This command below tells JtR to try “simple” mode, then the default wordlists containing likely passwords, and then “incremental” mode.

.\john.exe passwordfile

You can also download different wordlists from the Internet, and you can create your own new wordlists for JtR to use with the –wordlist parameter.

.\john.exe passwordfile –wordlist=”wordlist.txt”

If you want to specify a cracking mode use the exact parameter for the mode.

.\john.exe --single passwordfile 
.\john.exe --incremental passwordfile

Что такое John the Ripper

John the Ripper — это, пожалуй, самые известные инструменты взлома паролей. Помимо того, что у нас есть и другие ПО для подбора паролей, мы любим Johny, как его нежно называют, потому что он работает и очень эффективен. John the Ripper, как Metasploit, также является частью семейства Rapid7 pentesting / hacking tools.

Как работают специалисты по взлому паролей?

Взлом паролей — это процесс восстановления или подбора паролей из данных, которые были сохранены или были переданы компьютерной системой или внутри сети. Один из наиболее распространенных типов взлома паролей известен как “bruteforce” — что, проще говоря, является процессом, в котором компьютерная система угадывает правильность путем перекрестной проверки доступного криптографического хэша пароля. Если атака грубой силы направлена с помощью слов с открытым текстом, то процесс происходит от “словарной атаки”. Если пароль угадывается с помощью хэшей паролей(что быстрее), то используемый процесс будет “радужной” таблицей.

Если вы работаете в области кибербезопасности, или хотите начать работу в профессии, то вы должны будете узнать некоторые аспекты криптографии. Поэтому мы настоятельно рекомендуем вам изучить и попытаться взломать автономные пароли с помощью John the Ripper.

Сравнение John the Ripper с THC Hydra

THC Hydra, или просто “Гидра”, является еще одним очень популярным инструментом взлома паролей, который часто упоминается в том же контексте, что и John the Ripper. Самый простой способ описать разницу между John the Ripper(JTR) и THC Hydra заключается в том, что JTR является автономной программой для взлома паролей, а Hydra-онлайн-инструмент для взлома паролей.

JTR ПО с открытым исходным кодом?

И то и другое. Существует очень популярная бесплатная версия John the Ripper, а также PRO версия. Версия John the Ripper commerical используется тестерами на проникновение, которые заинтересованы в взломе паролей конкретных операционных систем. Коммерческая версия оптимизирована для производительности и скорости. Для среднего пользователя open-source версия John the Ripper будет отличным выбором, для тех, кто работает пентестерами мы, безусловно, рекомендуем версию Pro, доступную из Rapid7.

На какой ОС работает John the Ripper?

John the Ripper был первоначально разработан для операционных систем Unix, но теперь работает на различных платформах, 11 из которых являются архитектурными версиями DOS, Unix, BeOS, Win32 и OpenVMS.

How Does John the Ripper Work?

JtR supports several common encryption technologies out-of-the-box for UNIX and Windows-based systems. (ed. Mac is UNIX based). JtR autodetects the encryption on the hashed data and compares it against a large plain-text file that contains popular passwords, hashing each password, and then stopping it when it finds a match. Simple.

In our amazing Live Cyber Attack demo, the Varonis IR team demonstrates how to steal a hashed password, use JtR to find the true password, and use it to log into an administrative account. That is a very common use case for JtR!

JtR also includes its own wordlists of common passwords for 20+ languages. These wordlists provide JtR with thousands of possible passwords from which it can generate the corresponding hash values to make a high-value guess of the target password. Since most people choose easy-to-remember passwords, JtR is often very effective even with its out-of-the-box wordlists of passwords.

JtR is included in the pentesting versions of Kali Linux.

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *