Convert Figma logo to code with AI

openwall logojohn

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

9,984
2,064
9,984
463
View on GitHub

Top Related Projects

openwall's avatar

john

9,984

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

hashcat's avatar

hashcat

20,838

World's fastest and most advanced password recovery utility

vanhauser-thc's avatar

thc-hydra

9,483

hydra

trustedsec's avatar

social-engineer-toolkit

10,692

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

hashtopolis's avatar

server

1,420

Hashtopolis - distributed password cracking with Hashcat

digininja's avatar

CeWL

1,899

CeWL is a Custom Word List Generator

Quick Overview

John the Ripper is an advanced open-source password cracking tool. It combines several cracking modes and is highly configurable, making it a popular choice for both security professionals and penetration testers. John the Ripper is designed to detect weak Unix passwords, but can also crack various other types of hashed or encrypted passwords.

Pros

  • Highly versatile, supporting numerous hash types and encryption algorithms
  • Actively maintained with regular updates and community contributions
  • Offers both CPU and GPU-based cracking for improved performance
  • Includes advanced features like word mangling rules and incremental mode

Cons

  • Can be complex for beginners due to its extensive options and configurations
  • Resource-intensive, especially when dealing with strong hashes or large datasets
  • Some advanced features require compilation from source code
  • Documentation can be overwhelming for new users

Getting Started

To get started with John the Ripper:

  1. Download the latest version from the official website or GitHub repository.
  2. Extract the archive and navigate to the extracted directory.
  3. For basic usage, run:
./john --wordlist=password.lst --format=raw-md5 hashes.txt

Replace raw-md5 with the appropriate hash format and provide your own wordlist and hash file.

For more advanced usage, consult the documentation and man pages:

man john
./john --list=formats
./john --list=options

Remember to use John the Ripper responsibly and only on systems and passwords you have permission to test.

Competitor Comparisons

openwall logo

john

9,984

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

Pros of John

  • More active development and frequent updates
  • Larger community and contributor base
  • Better documentation and user support

Cons of John

  • Potentially less stable due to frequent changes
  • May have more complex codebase due to additional features

Code Comparison

John:

#ifdef HAVE_OPENCL
#include "opencl_misc.h"
#include "opencl_md5.h"
#endif

John>:

#include "arch.h"
#include "misc.h"
#include "common.h"
#include "formats.h"

Summary

John and John> are essentially the same project, with John being the main repository and John> likely being a fork or alternative version. The comparison above is based on the assumption that John is the primary, more actively maintained version. In reality, both repositories appear to be identical, containing the same codebase for the John the Ripper password cracker. Users should refer to the main John repository for the most up-to-date and widely supported version of the software.

hashcat logo

hashcat

20,838

World's fastest and most advanced password recovery utility

Pros of hashcat

  • Significantly faster performance, especially on GPU hardware
  • Supports a wider range of hash types and encryption algorithms
  • More actively maintained with frequent updates

Cons of hashcat

  • Steeper learning curve and more complex command-line interface
  • Requires compatible GPU hardware for optimal performance
  • Less portable due to hardware dependencies

Code comparison

John:

john --wordlist=passwords.txt --format=md5crypt hashes.txt

hashcat:

hashcat -m 500 -a 0 -o cracked.txt hashes.txt wordlist.txt

Both tools use similar command-line structures, but hashcat requires specifying the hash mode (-m) and attack mode (-a). John often autodetects the hash type, making it simpler for beginners.

hashcat offers more granular control over the cracking process, including workload profiles, rule sets, and device selection. This flexibility contributes to its superior performance but also increases complexity.

John is generally easier to use out-of-the-box, especially for simple password cracking tasks. It's more suitable for users who prioritize ease of use and portability across different systems.

hashcat excels in high-performance scenarios, particularly when leveraging GPU acceleration. It's the preferred choice for advanced users and those dealing with large-scale password cracking operations.

vanhauser-thc logo

thc-hydra

9,483

hydra

Pros of THC-Hydra

  • Supports a wider range of protocols and services for online password cracking
  • Generally faster for online attacks due to its parallel processing capabilities
  • More actively maintained with frequent updates and contributions

Cons of THC-Hydra

  • Less versatile for offline password cracking compared to John the Ripper
  • Lacks some advanced features and customization options available in John
  • May be more complex to use for beginners due to its extensive options

Code Comparison

THC-Hydra:

for (i = 0; i < hydra_options.max_use; i++)
  if (hydra_heads[i]->active == HEAD_UNUSED)
    break;

John the Ripper:

for (index = 0; index < crk_params.max_keys_per_crypt; index++) {
    if (crk_methods.crypt_all(index) == 0)
        break;
}

Both projects use similar looping structures for processing, but THC-Hydra focuses on managing multiple connection "heads" for parallel attacks, while John the Ripper iterates through cryptographic operations for each key in offline cracking.

trustedsec logo

social-engineer-toolkit

10,692

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

Pros of Social-Engineer Toolkit

  • Focuses on social engineering attacks, providing a comprehensive suite of tools
  • Regularly updated with new features and attack vectors
  • User-friendly interface with menu-driven options

Cons of Social-Engineer Toolkit

  • More specialized, primarily for social engineering rather than password cracking
  • Requires more setup and dependencies compared to John the Ripper
  • May have a steeper learning curve for beginners

Code Comparison

Social-Engineer Toolkit:

# Example of a phishing attack setup
choice = input("Select attack vector: ")
if choice == "1":
    site = input("Enter site to clone: ")
    clone_site(site)

John the Ripper:

// Example of password cracking
void do_wordlist_crack(struct db_main *db, char *name, int rules)
{
    wordlist_mode = 1;
    ldr_init_database(db, &options.loader);
}

Both tools serve different purposes in the security landscape. John the Ripper excels at password cracking, while Social-Engineer Toolkit provides a broader range of social engineering attack tools. The choice between them depends on the specific security testing or penetration testing needs of the user.

hashtopolis logo

server

1,420

Hashtopolis - distributed password cracking with Hashcat

Pros of Hashtopolis

  • Distributed architecture for scalable password cracking
  • Web-based interface for easier management and monitoring
  • Supports multiple hash types and cracking tools

Cons of Hashtopolis

  • More complex setup compared to John the Ripper
  • Requires additional infrastructure (database, web server)
  • Less mature project with potentially fewer community contributions

Code Comparison

John the Ripper:

void john_register_one(struct fmt_main *format)
{
	format->private.initialized = 0;
	format->next = fmt_list;
	fmt_list = format;
}

Hashtopolis:

public function getTask($taskId) {
    $queryFilter = new QueryFilter(Task::TASK_ID, $taskId, "=");
    $tasks = $this->getDB()->filter([Factory::getTaskFactory()->getModelName()], $queryFilter);
    if (sizeof($tasks) == 0) {
        return null;
    }
    return $tasks[0];
}

John the Ripper is primarily written in C for performance, while Hashtopolis uses PHP for its web-based architecture. John focuses on efficient password cracking algorithms, whereas Hashtopolis emphasizes task distribution and management across multiple nodes.

digininja logo

CeWL

1,899

CeWL is a Custom Word List Generator

Pros of CeWL

  • Specialized in generating custom wordlists from web content
  • Lightweight and focused on a specific task
  • Easier to use for targeted wordlist creation

Cons of CeWL

  • Limited functionality compared to John's broader password cracking capabilities
  • Less active development and smaller community support
  • Fewer supported platforms and integration options

Code Comparison

CeWL (Ruby):

def parse_page(url, depth)
  @depth = depth
  @url = url
  @wordlist = []
  @linkqueue = Queue.new
  @linkqueue.push(url)
  # ... (additional code)
end

John (C):

static void john_load(void)
{
	struct list_entry *current;

	if (options.flags & FLG_EXTERNAL_CHK)
		ext_init(options.external);

	if (options.flags & FLG_MAKECHR_CHK) {
		// ... (additional code)
	}
}

Summary

John is a comprehensive password cracking tool with extensive features and broad platform support. CeWL, on the other hand, is a specialized tool for generating custom wordlists from web content. While John offers more versatility and active development, CeWL provides a focused solution for creating targeted wordlists. The choice between the two depends on the specific requirements of the task at hand.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Circle CI Downloads License GitHub commit activity GitHub commits since tagged version

John the Ripper

This is the community-enhanced, "jumbo" version of John the Ripper. It has a lot of code, documentation, and data contributed by jumbo developers and the user community. It is easy for new code to be added to jumbo, and the quality requirements are low, although lately we've started subjecting all contributions to quite some automated testing. This means that you get a lot of functionality that is not necessarily "mature", which in turn means that bugs in this code are to be expected.

John the Ripper homepage is:

https://www.openwall.com/john/

If you have any comments on this release or on JtR in general, please join the john-users mailing list and post in there:

https://www.openwall.com/lists/john-users/

For contributions to John the Ripper jumbo, please use pull requests on GitHub:

https://github.com/openwall/john/blob/bleeding-jumbo/CONTRIBUTING.md

Included below is basic John the Ripper core documentation.

John the Ripper password cracker.

John the Ripper is a fast password cracker, currently available for many flavors of Unix, macOS, Windows, DOS, BeOS, and OpenVMS (the latter requires a contributed patch). Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos/AFS and Windows LM hashes, as well as DES-based tripcodes, plus hundreds of additional hashes and ciphers in "-jumbo" versions.

How to install.

See INSTALL for information on installing John on your system.

How to use.

To run John, you need to supply it with some password files and optionally specify a cracking mode, like this, using the default order of modes and assuming that "passwd" is a copy of your password file:

john passwd

or, to restrict it to the wordlist mode only, but permitting the use of word mangling rules:

john --wordlist=password.lst --rules passwd

Cracked passwords will be printed to the terminal and saved in the file called $JOHN/john.pot (in the documentation and in the configuration file for John, "$JOHN" refers to John's "home directory"; which directory it really is depends on how you installed John). The $JOHN/john.pot file is also used to not load password hashes that you already cracked when you run John the next time.

To retrieve the cracked passwords, run:

john --show passwd

While cracking, you can press any key for status, or 'q' or Ctrl-C to abort the session saving its state to a file ($JOHN/john.rec by default). If you press Ctrl-C for a second time before John had a chance to complete handling of your first Ctrl-C, John will abort immediately without saving. By default, the state is also saved every 10 minutes to permit for recovery in case of a crash.

To continue an interrupted session, run:

john --restore

These are just the most essential things you can do with John. For a complete list of command line options and for more complicated usage examples you should refer to OPTIONS and EXAMPLES, respectively.

Please note that "binary" (pre-compiled) distributions of John may include alternate executables instead of just "john". You may need to choose the executable that fits your system best, e.g. "john-omp" to take advantage of multiple CPUs and/or CPU cores.

Features.

John the Ripper is designed to be both feature-rich and fast. It combines several cracking modes in one program and is fully configurable for your particular needs (you can even define a custom cracking mode using the built-in compiler supporting a subset of C). Also, John is available for several different platforms which enables you to use the same cracker everywhere (you can even continue a cracking session which you started on another platform).

Out of the box, John supports (and autodetects) the following Unix crypt(3) hash types: traditional DES-based, "bigcrypt", BSDI extended DES-based, FreeBSD MD5-based (also used on Linux and in Cisco IOS), and OpenBSD Blowfish-based (now also used on some Linux distributions and supported by recent versions of Solaris). Also supported out of the box are Kerberos/AFS and Windows LM (DES-based) hashes, as well as DES-based tripcodes.

When running on Linux distributions with glibc 2.7+, John 1.7.6+ additionally supports (and autodetects) SHA-crypt hashes (which are actually used by recent versions of Fedora and Ubuntu), with optional OpenMP parallelization (requires GCC 4.2+, needs to be explicitly enabled at compile-time by uncommenting the proper OMPFLAGS line near the beginning of the Makefile).

Similarly, when running on recent versions of Solaris, John 1.7.6+ supports and autodetects SHA-crypt and SunMD5 hashes, also with optional OpenMP parallelization (requires GCC 4.2+ or recent Sun Studio, needs to be explicitly enabled at compile-time by uncommenting the proper OMPFLAGS line near the beginning of the Makefile and at runtime by setting the OMP_NUM_THREADS environment variable to the desired number of threads).

"-jumbo" versions add support for hundreds of additional hash and cipher types, including fast built-in implementations of SHA-crypt and SunMD5, Windows NTLM (MD4-based) password hashes, various macOS and Mac OS X user password hashes, fast hashes such as raw MD5, SHA-1, SHA-256, and SHA-512 (which many "web applications" historically misuse for passwords), various other "web application" password hashes, various SQL and LDAP server password hashes, and lots of other hash types, as well as many non-hashes such as SSH private keys, S/Key skeykeys files, Kerberos TGTs, encrypted filesystems such as macOS .dmg files and "sparse bundles", encrypted archives such as ZIP (classic PKZIP and WinZip/AES), RAR, and 7z, encrypted document files such as PDF and Microsoft Office's - and these are just some examples. To load some of these larger files for cracking, a corresponding bundled *2john program should be used first, and then its output fed into JtR -jumbo.

Graphical User Interface (GUI).

There is an official GUI for John the Ripper: Johnny.

Despite the fact that Johnny is oriented onto JtR core, all basic functionality is supposed to work in all versions, including jumbo.

Johnny is a separate program, therefore you need to have John the Ripper installed in order to use it.

More information about Johnny and its releases is on the wiki:

https://openwall.info/wiki/john/johnny

Documentation.

The rest of documentation is located in separate files, listed here in the recommended order of reading:

  • INSTALL - installation instructions
  • OPTIONS - command line options and additional utilities
  • MODES - cracking modes: what they are
  • CONFIG (*) - how to customize
  • RULES (*) - wordlist rules syntax
  • EXTERNAL (*) - defining an external mode
  • EXAMPLES - usage examples - strongly recommended
  • FAQ - guess
  • CHANGES (*) - history of changes
  • CONTACT (*) - how to contact the author or otherwise obtain support
  • CREDITS (*) - credits
  • LICENSE - copyrights and licensing terms
  • COPYING - GNU GPL version 2, as referenced by LICENSE above

(*) most users can safely skip these.

There are a lot of additional documentation files in jumbo's "doc" directory, which you'll also want to explore.

Happy reading!