John the Ripper: Difference between revisions
From charlesreid1
No edit summary |
|||
| Line 6: | Line 6: | ||
John works great with other programs, since it does many things well, and each of those capabilities are valuable on their own and can be combined with other programs. For an example, see [[Aircrack and John the Ripper]] | John works great with other programs, since it does many things well, and each of those capabilities are valuable on their own and can be combined with other programs. For an example, see [[Aircrack and John the Ripper]] | ||
==Password Generation== | |||
First, John has a powerful password generation mechanism. It does not simply take wordlists. It can generate many, many more passwords from those wordlists. For example, starting with a list of the 10,000 most common passwords, John can create additional lists with 400,000 or 8 million additional password variations to try. You can carefully control how those variations are generated to target your password search as you go. | First, John has a powerful password generation mechanism. It does not simply take wordlists. It can generate many, many more passwords from those wordlists. For example, starting with a list of the 10,000 most common passwords, John can create additional lists with 400,000 or 8 million additional password variations to try. You can carefully control how those variations are generated to target your password search as you go. | ||
==Password Testing and Encryption== | |||
Second, John has support for many encryption mechanisms built-in, so it can handle a wide variety of password files. If you have a Unix password file with a list of users and encrypted passwords, John can brute force it. | |||
=References= | =References= | ||
Revision as of 20:33, 16 August 2015
John the Ripper is a tool for password cracking and recovery.
John is part of the Kali Top 10
How It Works
John works great with other programs, since it does many things well, and each of those capabilities are valuable on their own and can be combined with other programs. For an example, see Aircrack and John the Ripper
Password Generation
First, John has a powerful password generation mechanism. It does not simply take wordlists. It can generate many, many more passwords from those wordlists. For example, starting with a list of the 10,000 most common passwords, John can create additional lists with 400,000 or 8 million additional password variations to try. You can carefully control how those variations are generated to target your password search as you go.
Password Testing and Encryption
Second, John has support for many encryption mechanisms built-in, so it can handle a wide variety of password files. If you have a Unix password file with a list of users and encrypted passwords, John can brute force it.
References
A fantastic and thorough list of tutorials for beginners: http://openwall.info/wiki/john/tutorials