John the Ripper

John the Ripper, JtR or short John, is one of Alexander Peslyak (Solar Designer) written and widely used tools to test authentication facilities and passwords. It is subject to the GNU General Public License, making it open source and freely available. Originally developed for Unix operating systems, it is currently run on 14 different operating systems. Also the source code is provided for adaptation to other computer systems. John is one of the most popular programs for decoding and testing of passwords.

John is provided for encrypted passwords a system by brute force or by a dictionary attack (Dictionary Attack, passwords read from a text file ) to decrypt. This works by encrypting a text string, the so-called "candidate ", and subsequent comparison of the encrypted text string with the already encrypted password. Both are equal, the password, or a hash collision has been found. The text strings used can be read from a list of words, or in incremental mode are generated based on regular expressions of John. For the latter mode numerous expressions are included, which are based in how people form passwords.

The assembly instructions with MMX extension, which represented the best optimization for a long time ( for x86 CPUs), was replaced by the modern SSE2 assembler commands since version 1.7.2. It allows on newer CPUs a significant increase in performance. This is due to the less used SSE2 instruction set, but rather the number of registers, which offer newer CPUs. Whereas previously only 8 registers integrated into the CPU, so there are already a new AMD / INTEL processors 16

There is one restriction, which may still be adjusted for AMD. AMD processors are in 32- bit mode only 8 of the 16 registers. Therefore, it is advisable for AMD64 processors ( in 32- bit mode) to select the 64 -bit mode or as MMX optimization. This realization led to the development SSE2 in John The Ripper.

Also a AltiVec support for the PowerPC architecture (PPC ) was introduced, which would also bring tremendous speed improvements.

Since version 1.7.2 John SSE2 also offers on various BSD operating systems. To stand for OpenBSD, FreeBSD and NetBSD much more build targets available.

John The Ripper is capable of DES ( Traditional, BSDI, Kerberos, Microsoft LM), MD5 and Blowfish to crack. Patches that can be found on the website as well, but are not officially supported, allow much more algorithms or password files of various software to crack. The focus of John is clear but with cryptographic hash functions instead of file formats.

Also new since version 1.7.2 a commercial version which, however, also brings the source code. This version should be directed at companies that use John regular testing of their passwords. Rules changed as well as some improvements to the documentation (which was matched to the target platform ) have been made exclusively for this release. Companies and administrators so that a time advantage, which is partly serious compared to the free version, which often requires changes manually to the configuration.

Distributed and Parallel Computing

Using Distributed John ( djohn ) allows the computation among several computers on the principle of distributed computing divide. With the help of John -MPI ( John the Ripper MPI patch ) the amount of computation across multiple cores of one or more systems based on the principle of the parallel computing can be divided using MPI.

See also: Asymmetric Cryptosystem

Terms of Use

John the Ripper can create or reveal passwords to unauthorized circumvention of security measures. Thus, certain actions, such as the targeted distribution for this purpose in Germany according to § 202c ( "Hacker Clause " ) is punishable.