John the Ripper

from Wikipedia, the free encyclopedia
John the Ripper
Basic data

developer SolarDesigner / Openwall Project
Current  version 1.9.0
( April 12, 2019 )
operating system Unix , Win32 or DOS
programming language C.
category Spy software
License GPL
openwall.com/john/

John the Ripper , short John or JtR , is a widely used free software for testing authentication devices and passwords written by Alexander Peslyak (SolarDesigner) . The program is subject to the GNU General Public License . Originally developed for Unix operating systems, it currently runs on 14 different operating systems. The source code is also provided for adaptation to other computer systems. John is one of the most popular programs for decoding and testing passwords.

John is intended to decrypt encrypted passwords of a system by brute force or by a dictionary attack (dictionary attack, reading passwords from a text file). This works by encrypting a text string, the so-called "candidate", and then comparing the encrypted text string with the already encrypted password. If both are the same, the password or a hash collision was found. The text strings used can be read from a word list, or generated in incremental mode using regular expressions by John. For the latter mode, there are numerous expressions that are based on how people form passwords.

The assembly instructions with MMX extension, which for a long time the best optimization (for x86 - CPUs ) figured was from version 1.7.2 by the modern SSE2 replaced -Assemblerbefehle. It enables a significant increase in performance on newer CPUs. The reason for this is not so much the SSE2 instruction set used, but rather the number of registers offered by newer CPUs. Whereas previously only 8 registers were integrated into the CPU, the new AMD / INTEL processors already have 16.

A restriction applies to AMD, which may still be corrected. AMD processors are only available to 8 of the 16 registers in 32-bit mode. It is therefore advisable to choose the 64-bit operating mode or MMX (in 32-bit mode) as optimization for AMD64 processors . This realization led to the SSE2 development in John The Ripper.

Also was AltiVec Support for the PowerPC architecture (PPC) was introduced, which also tremendous speed increases to bring.

From version 1.7.2, John also offers SSE2 on various BSD operating systems. There are many more build targets available for OpenBSD , FreeBSD and NetBSD .

John The Ripper is able to crack DES (Traditional, BSDI, Kerberos, Microsoft LM), MD5 and Blowfish . Patches , which can also be found on the website but are not officially supported, make it possible to crack a lot more algorithms and password files from various software. But John's focus is clearly on cryptographic hash functions instead of file formats.

Also new from version 1.7.2 is a commercial version, which, however, also includes the source code. This version is aimed at companies that use John to regularly check their passwords. Changed rules and some improvements to the documentation (which were tailored to the target platform) have been made exclusively for this version. This gives companies and administrators a time advantage that is sometimes serious compared to the free version, which often requires manual changes to the configuration.

Distributed and parallel computing

With the help of Distributed John (djohn), the computing effort can be divided between several computers according to the principle of distributed computing . With the help of John-MPI (John the Ripper MPI-Patch), the computing effort can be divided among several cores of one or more systems according to the principle of parallel computing using MPI .

Legal

John the Ripper can create or reveal passwords for unauthorized circumvention of security measures. Certain actions, such as targeted distribution for this purpose, are therefore punishable in Germany under Section 202c of the German Criminal Code ( “hacker paragraph” ).

Web links

Individual evidence

  1. Release 1.9.0 . April 12, 2019 (accessed April 12, 2019).