john the ripper

**boblucci** · 09-08-2004, 04:14 AM

has anyone ever used this program?
i'm a little confused on how to crack a password.
you could pm me if your affraid of letting people know you actually use it.

**Outlaw** · 09-08-2004, 12:19 PM

Yeah, I used it. It actually did crack some easy passwords I made. But some even moderately strong ones I was too impatient to wait for.

Easiest thing to do is give it a passwd file, a shadow file and use the unshadow utility with an output filename. Then run john outpfile. Check the docs to make sure I have that right, been a while since I ran it.

The problem with cracking utilities, is that it relies heavily on a large word file and then runs permutations on those words. Could take very long time to crack large passwd files, so break them up in chunks.

**Outlaw** · 09-08-2004, 12:55 PM

Here's a quickie how - to

Code:

[root@testbox root]# useradd bill
[root@testbox root]# passwd bill
Changing password for user bill.
New password: things
BAD PASSWORD: it is based on a dictionary word
Retype new password:
passwd: all authentication tokens updated successfully.
[root@testbox root]# useradd chuck
[root@testbox root]# passwd chuck
Changing password for user chuck.
New password: stuff
BAD PASSWORD: it is too short
Retype new password:
passwd: all authentication tokens updated successfully.
[root@testbox root]# useradd stan
[root@testbox root]# passwd stan
Changing password for user stan.
New password: junk
BAD PASSWORD: it is too short
Retype new password:
passwd: all authentication tokens updated successfully.
[root@testbox root]# tail -n 3 /etc/passwd &gt; passfile
[root@testbox root]# tail -n 3 /etc/shadow &gt; shdwfile
[root@testbox root]# unshadow passfile shdwfile &gt; johnfile
[root@testbox root]# cd /etc
[root@testbox etc]# john /root/johnfile
Loaded 3 passwords with 3 different salts (FreeBSD MD5 [32/32])
stuff            (chuck)
junk             (stan)
bill             (things)
guesses: 3  time: 0:00:08:23 (3)  c/s: 1968  trying: things
[root@testbox etc]#

During long runs if you tap enter, john will let you know what he's doing.

On the john website, somewhere there's a big ol' wordfile that you can specify in /etc/john.ini

**boblucci** · 09-08-2004, 01:36 PM

Thanks Radar!

I'll let you know how i made out.

**gorn** · 09-11-2004, 06:25 PM

Give it a few weeks if it's a good password. Took ~2 weeks for a 7 letter alphanumeric. (Athlon XP 2100+)

**boblucci** · 09-11-2004, 11:10 PM

weeks

**gorn** · 09-12-2004, 01:08 AM

[quote author=diavolo link=board=14;threadid=9763;start=0#msg88776 date=1094944216]
weeks

[/quote]

that's for a good password, a weak one will be minutes.

**Compunuts** · 09-12-2004, 08:15 PM

It took a super computer a good weeks to crack a good password. There used to be a DC project that crack passwords.

09-12-2004, 10:25 PM

Soo you are telling me I should change my password from foobar?

**Compunuts** · 09-13-2004, 03:14 AM

Nah, just leave it blank.

Thread: john the ripper

Thread Tools

Display

john the ripper

Re:john the ripper

Re:john the ripper - Quickie

Re:john the ripper

Re:john the ripper

Re:john the ripper

Re:john the ripper

Re:john the ripper

Re:john the ripper

Re:john the ripper

Similar Threads

Good cd ripper?

John the Ripper add-on

theKompany releases free (as in beer) Ogg Ripper

american taliban john walker lindh's usenet posts

John Walker's Punishment

Bookmarks

Bookmarks

Posting Permissions