Network Penetration Testing and Ethical Hacking -3

The John the Ripper password cracker (called "John" for short) was created by Solar Designer and is one of the most high-performance and flexible password cracking tools available today. Most penetration testers use the free version, although a commercial version called John the Ripper Pro has been released. This low-cost commercial version is precompiled for various kinds of system (some Linux distributions and Mac OS X as of this writing). The commercial version also auto-detects any performance-enhancement technologies supported by the processor of the machine on which it is installed, such as the MMX instruction set or SSE2, saving a penetration tester the time of having to compile a special version for given hardware. In a lab coming up shortly, we experiment with compiling an SSE2-specific version of John. The payware version also comes with a large wordlist of more than 4.1 million entries.
Both the free and commercial versions of John support cracking numerous password representations. For Linux and UNIX, John can crack the traditional DES scheme, along with various modifications of that scheme. It cracks MD5 hashes, Blowfish hashes, and others. For Windows, John cracks only LANMAN natively. There are separate patches that can extend it to crack NT hashes, LANMAN challenge/response, and NTLMv2. The latter two require OpenSSL to be installed because they rely on the crypto routines of that package. Our next lab includes patching John to handle NT hashes.
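The password representations listed above (DES crypt, MD5 crypt and Blowfish on Linux/UNIX; LANMAN and NT hashes on Windows) can be told apart by their on-disk shape, which is what a reviewer checks before deciding whether a stored credential is in a weak legacy format. The following script is an added example, not part of the course text or of John itself: it classifies crypt(3)-style entries from a shadow file and flags accounts that still carry a LANMAN hash in pwdump-style dumps. The shadow and pwdump lines are constructed sample data; the `$5$`/`$6$` SHA-crypt prefixes go beyond the schemes the text names and are included for completeness. The two 32-hex constants are the well-known LM and NT hashes of an empty password.

```python
import re

# crypt(3) prefixes -> scheme. DES crypt, MD5 crypt and Blowfish are the schemes the
# text names as cracked natively by John; SHA-crypt ($5$/$6$) is added for completeness.
CRYPT_PREFIXES = {
    "$1$": "MD5 crypt",
    "$2$": "Blowfish (bcrypt)",
    "$2a$": "Blowfish (bcrypt)",
    "$2b$": "Blowfish (bcrypt)",
    "$2y$": "Blowfish (bcrypt)",
    "$5$": "SHA-256 crypt",
    "$6$": "SHA-512 crypt",
}
# Traditional DES crypt: 13 characters from the crypt alphabet, no '$' prefix.
DES_CRYPT_RE = re.compile(r"^[./0-9A-Za-z]{13}$")
HEX32_RE = re.compile(r"^[0-9a-f]{32}$")

# Well-known LM and NT hashes of an empty password (seen when no LM/NT hash is stored).
EMPTY_LM_HASH = "aad3b435b51404eeaad3b435b51404ee"
EMPTY_NT_HASH = "31d6cfe0d16ae931b73c59d7e0c089c0"

# Constructed sample input (hash strings are made up, not hashes of real passwords).
SAMPLE_SHADOW = [
    "legacy:abJnggxhB/yWI:15000:0:99999:7:::",
    "alice:$1$saltsalt$constructedfakehash0000:15000:0:99999:7:::",
    "bob:$2a$10$constructedbcryptvalue0000000000:15000:0:99999:7:::",
    "root:!:15000:0:99999:7:::",
]
SAMPLE_PWDUMP = [
    "Administrator:500:aad3b435b51404eeaad3b435b51404ee:0123456789abcdef0123456789abcdef:::",
    "oldsvc:1001:0123456789abcdef0123456789abcdef:fedcba9876543210fedcba9876543210:::",
    "Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::",
]


def classify_crypt_hash(h):
    """Return the scheme name of a crypt(3)-style hash, or None for locked/empty entries."""
    if h == "" or h.startswith("!") or h.startswith("*"):
        return None  # locked account or no password set
    for prefix, name in CRYPT_PREFIXES.items():
        if h.startswith(prefix):
            return name
    if DES_CRYPT_RE.match(h):
        return "traditional DES crypt"
    return None


def audit_shadow(lines):
    """Return [(user, scheme, weak)] for each usable shadow line; DES crypt is flagged weak."""
    results = []
    for line in lines:
        fields = line.rstrip("\n").split(":")
        if len(fields) < 2:
            continue
        scheme = classify_crypt_hash(fields[1])
        if scheme is None:
            continue
        results.append((fields[0], scheme, scheme == "traditional DES crypt"))
    return results


def audit_pwdump(lines):
    """Return [(user, has_lm, has_nt)] from pwdump-style lines 'user:rid:LM:NT:::'."""
    results = []
    for line in lines:
        fields = line.rstrip("\n").split(":")
        if len(fields) < 4:
            continue
        lm, nt = fields[2].lower(), fields[3].lower()
        has_lm = bool(HEX32_RE.match(lm)) and lm != EMPTY_LM_HASH
        has_nt = bool(HEX32_RE.match(nt)) and nt != EMPTY_NT_HASH
        results.append((fields[0], has_lm, has_nt))
    return results


if __name__ == "__main__":
    for user, scheme, weak in audit_shadow(SAMPLE_SHADOW):
        print(f"{user:15} {scheme:22} {'WEAK: migrate' if weak else 'ok'}")
    for user, has_lm, has_nt in audit_pwdump(SAMPLE_PWDUMP):
        print(f"{user:15} LM stored: {has_lm}  NT stored: {has_nt}")
```

Run on a real shadow file or pwdump output, the DES-crypt and LM-present rows are the accounts to migrate first, since those are exactly the representations John handles without any patch.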
Beyond Windows and Linux/UNIX, John can crack numerous other password types, including S/Key (a one-time password mechanism hardly used today), Kerberos V5, Andrew File System (AFS) Kerberos V4, Netscape LDAP SHA hashes, MySQL passwords, and others.
The John the Ripper Jumbo Patch, freely downloadable, includes a lot of different algorithms, but, according to the documentation, "You get a lot of functionality that is not 'mature' enough or is otherwise inappropriate for the official JtR...bugs are to be expected." Some of the changes in the Jumbo Patch may not or will not actually crack the password types they are supposed to crack. For that reason, many penetration testers apply individual patches for John, such as the patch to crack NT hashes, which we do in the next lab.

