John the Ripper
John the Ripper is a multi-platform password cracking tool.
While the standard distribution package of JtR is already a very capable application, there are several enhancements available which can increase the variety of crackable encryption schemes, password complexity, and the performance of JtR itself.
The rest of the chapter covers the installation steps for each of the enhancements as well as a brief description of their operation. This chapter assumes you have a Linux-based system (e.g. Ubuntu) with all of the necessary compilation and build tools installed.
First we will need to download and extract the complete JtR source code. At the time of this writing the latest version of JtR is 1.7.6.
wget http://www.openwall.com/john/g/john-1.7.6.tar.bz2
tar -xvjf john-1.7.6.tar.bz2
Next, let's download the “Jumbo” patch for JtR, which contains code contributed by the user community. While the contributed code base is not as mature as the original JtR code base, the patch contributes a number of newer encryption and hashing algorithms. Below are the steps to download the patch and apply it to the previously downloaded source.
wget http://www.openwall.com/john/contrib/john-1.7.6-jumbo-3.diff.gz
gunzip john-1.7.6-jumbo-3.diff.gz
cd john-1.7.6
patch -p1 < ../john-1.7.6-jumbo-3.diff
Note: You have to apply the patch by changing the directory into the extracted source.
Another key enhancement that can be performed upon already optimized code is to teach JtR how to operate in multi-processor environments. There are a number of solutions available, but the most reliable of them are all based on the Message Passing Interface (MPI) architecture. First we need to download and set up the MPI daemon on the host operating system:
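sudo apt-get install mpich2 libssl-dev
# start the MPD daemon ring
mpdboot
# shuts the ring down again; run this only when you are finished with MPI jobs
mpdallexit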
With the MPI infrastructure installed and running, we can now apply another patch to JtR:
wget http://openwall.info/wiki/_media/john/john-1.7.6-fullmpi8-after-jumbo3.diff.gz
gunzip john-1.7.6-fullmpi8-after-jumbo3.diff.gz
cd john-1.7.6
patch -p1 < ../john-1.7.6-fullmpi8-after-jumbo3.diff
Note: As you can tell from the patch name, it is designed to be applied after the installation of the “Jumbo” patch.
The last step in preparing our enhanced JtR installation is to compile it for the specific CPU architecture. This is done by appending a system-specific target name to the “make” command. For example, to take advantage of 64-bit processors append “linux-x86-64”. For 32-bit CPUs use “linux-x86-sse2” or “generic”.
cd john-1.7.6
cd src
make linux-x86-64
sudo make install
You can now test JtR with full MPI capabilities with the following command line:
mpiexec -n 4 ~/john-1.7.6/run/john --test
NOTE: -n 4 defines how many cores to use. Use more or less as needed.
With all of the enhancements to John the Ripper in place, we can now apply a new charset file based on passwords from a recent RockYou compromise. The new charset file will enhance JtR's incremental cracking mode. First, let's download the updated *.chr file:
cd john-1.7.6
cd run
wget ftp://ftp.openwall.com/pub/projects/john/contrib/rockyou/1.1/rockyou.chr.gz
gunzip rockyou.chr.gz
Next, edit the “john.conf” file to include the new rules by adding the following lines:
[Incremental:rockyou]
File = $JOHN/rockyou.chr
MinLen = 1
MaxLen = 8
CharCount = 95
To run JtR in incremental mode with the new charset file, use the following command line:
~/john-1.7.6/run/john --incremental:rockyou passwd
or with MPI:
mpiexec -n 4 ~/john-1.7.6/run/john --incremental:rockyou passwd
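The download and patch steps above fetch source, community patches and a charset file over plain HTTP and FTP, then build and install them with no integrity check. As an added example (not part of the original article), the two helpers below pin a file to a SHA-256 digest obtained out of band and dry-run a patch before touching the tree, which also catches applying the MPI patch before Jumbo. The function names and the `<sha256>` placeholder are assumptions, and GNU patch and sha256sum are assumed to be installed.

```bash
#!/usr/bin/env bash
# Added example: integrity and patch-order checks for the steps above.
# Function names are hypothetical. Expected digests must come from a source
# you trust; the article does not list any, so none are hard-coded here.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 if the file is missing.
verify_sha256() {
    local file="$1" expected actual
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    # Normalise case so upper-case published digests still compare equal.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    actual=$(sha256sum "$file" | awk '{print $1}')
    [ "$actual" = "$expected" ] && return 0
    echo "digest mismatch for $file (got $actual)" >&2
    return 1
}

# apply_patch_checked SRC_DIR PATCH_FILE
# Dry-runs the patch and applies it only if every hunk fits. A patch applied
# out of order or twice is refused and the source tree is left untouched.
apply_patch_checked() {
    local src="$1" patchfile
    # Resolve to an absolute path because we cd into SRC_DIR below.
    patchfile="$(cd "$(dirname "$2")" && pwd)/$(basename "$2")"
    if ! (cd "$src" && patch -p1 -f -s --dry-run < "$patchfile") >/dev/null 2>&1; then
        echo "refusing $2: does not apply cleanly to $src" >&2
        return 1
    fi
    (cd "$src" && patch -p1 -f -s < "$patchfile")
}

# Typical use, run from the directory holding the downloads
# (<sha256> stands for a digest you obtained out of band):
#   verify_sha256 john-1.7.6.tar.bz2 "<sha256>" && tar -xjf john-1.7.6.tar.bz2
#   verify_sha256 john-1.7.6-jumbo-3.diff "<sha256>" &&
#       apply_patch_checked john-1.7.6 john-1.7.6-jumbo-3.diff
```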
Published on August 1st, 2010 by iphelix
Date: February 21st, 2009
Orapass implements Oracle's older DES-based password hashing algorithm. This script can be used for password strength audit and recovery. Uses Python Crypto library. Read more.
Date: August 8th, 2013
PACK (Password Analysis and Cracking Toolkit) is a collection of utilities developed to aid in analysis of password lists and enhancing cracking of passwords using password pattern detection. It can be used to reverse word mangling rules, generate source words, optimize password masks, craft policy attacks, etc. for the Hashcat family of tools. The toolkit itself is not able to crack passwords, but is instead designed to make operation of password crackers more efficient. Read more.
smarter password cracking with pack
Last week I gave a talk during the Password '13 security conference on various password analysis and pattern detection attacks using the Password Analysis and Cracking Kit. You can download slides for the presentation here.
The conference itself was an absolute blast with great organization by Per Thorsheim and Jeremi Gosney. The conference gathered a fascinating crowd which spawned hours of great discussions on password security, cryptography, politics and everything in between. However, I especially enjoyed meeting in real life with many members of Team Hashcat.
Team Hashcat had another great run at the CMIYC during Defcon where we placed 2nd. As always I ended up spending most of the conference in the hotel room or the chill room at Defcon, but that's part of the fun doing contests. Russia-based team Inside-Pro placed first by scoring more points on harder hashes, well done, guys!
Today, I have finally finished writing documentation for the many changes and adding the final polish to the next release of PACK 0.0.4. There should be noticeable performance bumps for all of the tools in the toolkit, especially Rulegen, which is now finally using multiple CPU cores. You should also try out the completely rewritten 'maskgen' which is now capable of generating highly optimized mask collections for use with the Hashcat suite of tools (see presentation slides above for more details). Enjoy and most importantly have fun with password cracking! Read more.
crack me if you can
I had an opportunity to participate in the "Crack me if you can" password cracking competition during this year's Defcon. It was a fun and educational experience. Using a couple of video cards, decent processors as well as some research into password generation I was able to place 4th in the contest. In this post you can learn more about hardware, software and strategy used to crack about 25k passwords in two days. Read more.
All original content on this site is copyright protected and licensed under Creative Commons - Attribution, NonCommercial, ShareAlike 4.0 International.