John the Ripper is a free password cracking software tool. It is one of the most popular password testing/breaking programs as it combines a number of password crackers into one package, autodetects password hash types, and includes a customizable cracker.
It can be run against various encrypted password formats hashes such as:
DES
MD5
Blowfish
Kerberos/AFS
Windows LM/NTLM
MD4 (LDAP, MySQL etc)
One of the modes JtR can use is the dictionary attack. It takes text strings from a wordlist, containing words found in a dictionary, encrypting it in the same format as the password being examined (including both the encryption algorithm and key), and comparing the output to the encrypted string. It can also perform a variety of alterations to the dictionary words and use them in JtR's single attack mode, which modifies an associated plaintext (such as a username with an encrypted password) and checks the variations against the encrypted hashes.
JtR also offers a brute force mode. In this type of attack, the program goes through all the possible plaintexts, hashing each one and comparing it to the input hash. JtR uses character frequency tables to try plaintexts containing more frequently-used characters first. This method is useful for cracking passwords which do not appear in dictionary wordlists, but it does take a longer time to run.
Download John the Ripper here:
John the Ripper 1.7.3.1
Platforms supported: Linux, Mac, Windows
Posts
0 comments:
Post a Comment