John the Ripper v1.9 releases: free password cracking software tool

by do son · Published April 15, 2019 · Updated November 4, 2024

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS (the latter requires a contributed patch). Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos/AFS and Windows LM hashes, as well as DES-based tripcodes, plus many more hashes and ciphers in “community enhanced” -jumbo versions and/or with other contributed patches.

John the Ripper is designed to be both feature-rich and fast. It combines several cracking modes in one program and is fully configurable for your particular needs (you can even define a custom cracking mode using the built-in compiler supporting a subset of C). Also, John is available for several different platforms which enables you to use the same cracker everywhere (you can even continue a cracking session which you started on another platform).

Out of the box, John supports (and autodetects) the following Unix crypt(3) hash types: traditional DES-based, “bigcrypt”, BSDI extended DES-based, FreeBSD MD5-based (also used on Linux and in Cisco IOS), and OpenBSD Blowfish-based (now also used on some Linux distributions and supported by recent versions of Solaris). Also supported out of the box are Kerberos/AFS and Windows LM (DES-based) hashes, as well as DES-based tripcodes.

Changelog v1.9

* Increased the interleaving for bcrypt on x86-64 from 2x to 3x for a major speedup on CPUs without SMT. Unfortunately, this sometimes results in a minor performance regression when running multiple threads on CPUs with SMT.
* Recognize the $2b$ bcrypt prefix.
* In the generic crypt(3) format, detect descrypt with valid vs. invalid salts as separate id’s for our heuristics on supported hash types.
* Introduced a number of optimizations for faster handling of large password hash files, including loading, cracking, and “–show”. Some of these use more memory than before, yet in a more efficient manner.
* Benchmark using all-different candidate passwords of length 7 by default.
* Dropped undocumented special handling of “Mc” in ‘c’ and ‘C’ rule commands.
* Dropped undocumented limitation of the ‘M’ and ‘Q’ rule commands where they would sometimes memorize/check only up to the current hash type’s length limit yet this optimization wouldn’t necessarily be transparent (e.g., if a later command would extract a substring from above the hash type’s length limit and bring it to within the limit).
* Implemented special-case handling of repeated rule commands ‘$’, ‘^’, ‘[‘,
‘]’, ‘{‘, and ‘}’, as well as faster handling of the ‘D’ command.
* When built with “–fork” support, disallow session names with all-digit
suffixes since these clash with those produced by “–fork”.
* Forward SIGTERM to –fork’ed children.

More…