John the ripper password cracker

[Serpious]

Getting this when I go to /forums/.

Plain text:
[spoiler]

Products
Openwall GNU/*/Linux server OS
John the Ripper password cracker
Free & Open Source for any platform
Pro for Linux (RPM package)
Pro for Mac OS X (dmg package)
Wordlists for password cracking
passwdqc policy enforcement
phpass password hashing in PHP
crypt_blowfish ditto in C/C++
tcb better password shadowing
Pluggable Authentication Modules
scanlogd port scan detector
popa3d tiny POP3 daemon
blists web interface to mailing lists
msulogin single user mode login
Linux kernel security hardening
Services
Publications
Articles
Presentations
Community
Mailing lists
Community wiki
Donations
Resources
Source code repository (CVSweb)
File archive & mirrors
How to verify digital signatures
Password recovery resources
Recommended books
What's new
John the Ripper password cracker

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus many more with contributed patches.

Openwall GNU/*/Linux 3.0 - a small security-enhanced Linux distro for servers
John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance.

Proceed to John the Ripper Pro homepage for your OS:

John the Ripper Pro for Linux
John the Ripper Pro for Mac OS X
Download one of the latest official free versions (release notes):

John the Ripper 1.7.8 (stable, Unix - sources, tar.gz, 830 KB) and its signature
John the Ripper 1.7.8 (stable, Unix - sources, tar.bz2, 680 KB) and its signature
John the Ripper 1.7.0.1 (stable, Windows - binaries, ZIP, 1360 KB) and its signature
John the Ripper 1.7.0.1 (stable, DOS - binaries, ZIP, 895 KB) and its signature
Download the latest community-enhanced version (release notes):

John the Ripper 1.7.8-jumbo-2 (sources, tar.gz, 1192 KB) and its signature
John the Ripper 1.7.8-jumbo-2 (sources, tar.bz2, 1003 KB) and its signature
This version integrates lots of contributed patches adding support for over 40 of additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc.), as well as some optimizations and features. Unfortunately, its overall quality is lower than the official version's. Requires OpenSSL 0.9.7 or newer. There are unofficial binary builds (by John the Ripper user community members) for Windows, Linux, Solaris, and Mac OS X.
Please refer to these pages on how to extract John the Ripper source code from the tar.gz and tar.bz2 archives and how to build (compile) it. You may also consider the patches and unofficial builds on the contributed resources list further down this page.

These and older versions of John the Ripper, patches, unofficial builds, and many other related files are also available from the Openwall file archive.

You may browse the documentation for John the Ripper online, including a summary of changes between versions. Also relevant is the SecurityFocus interview with Solar Designer, the author of John the Ripper.

There's a wiki section with John the Ripper user community resources. The more experienced users and software developers may browse the source code for John the Ripper online, along with revision history information for each source file.

There's a collection of wordlists for use with John the Ripper. It includes lists of common passwords, wordlists for 20+ human languages, and files with the common passwords and unique words for all the languages combined, also with mangling rules applied and any duplicates purged.

Additionally, you may download or purchase Openwall GNU/*/Linux on a CD, which includes a pre-built copy of John the Ripper 1.7.6.1 ready for use without requiring another OS and without having to install on a hard disk (although that is supported). You may not even have a hard disk, or it may be fully occupied by an existing OS install which won't be used or touched. You just boot off the CD, enter the shell (bash and tcsh are included), optionally configure networking with the setup tool (say, if you need to transfer password files to the RAM disk), and start using John! The CD-booted system is fully functional, you may even let it go multi-user with virtual consoles and remote shell access. Besides John, also included and available for use right off the CD are Nmap port scanner, SSH (OpenSSH), FTP (lftp, vsftpd), and Telnet clients and servers, a text Web browser with SSL support (ELinks), an SMTP mail system (Postfix), a POP3 daemon (popa3d), a MUA with POP3 and IMAP client support (Mutt), and more.

An implementation of one of the modern password hashes found in John is also available separately for use in your software or on your servers.

There's a proactive password strength checking module for PAM-aware password changing programs, which can be used to prevent your users from choosing passwords that would be easily cracked with programs like John.

We may help you integrate modern password hashing with crypt_blowfish and/or proactive password strength checking with pam_passwdqc into your OS installs, please check out our services.

There's a mailing list where you can share your experience with John the Ripper and ask questions. Please be sure to specify an informative message subject whenever you post to the list (that is, something better than "question" or "problem"). To subscribe, enter your e-mail address below or send an empty message to <john-users-subscribe at lists.openwall.com>. You will be required to confirm your subscription by "replying" to the automated confirmation request that will be sent to you. You will be able to unsubscribe at any time and we will not use your e-mail address for any other purpose or share it with a third party. However, if you post to the list, other subscribers and those viewing the archives may see your address(es) as specified on your message. The list archive is available locally, as well as via Gmane and MARC. Additionally, there's a list of selected most useful and currently relevant postings on the community wiki.

Your e-mail address:
A separate mailing list exists for John the Ripper development discussions (that is, if you want to discuss and contribute to the source code). Its archive is available locally. To subscribe, enter your e-mail address below or send an empty message to <john-dev-subscribe at lists.openwall.com>.

Your e-mail address:
Contributed resources for John the Ripper:

The jumbo patch for 1.7.8, revision 2 (signature)
This patch integrates lots of contributed patches adding support for over 40 of additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc.), as well as some optimizations and features. Most likely, this is the only patch you may need to apply. Requires OpenSSL 0.9.7+.
There are patches, custom builds, benchmarks, parallel and distributed processing instructions, and other information available on the community wiki
1.7.7 build for Win32 (no jumbo patch) (2.3 MB) by Robert B. Harris
1.7.7-jumbo-1 build for Win32 (2.4 MB) by Robert B. Harris
custom builds of 1.7.7 and 1.7.7-jumbo-1 for Linux (including OpenMP-enabled Fedora 13/14 RPMs)
1.7.6-jumbo-9 with -omp-des-7 build for Mac OS X (Universal) (2.1 MB) by Erik Winkler
1.7.5-jumbo-1 build for Mac OS X (Universal) (1.7 MB) by Erik Winkler
1.7.6 packages for Solaris mostly by Steven M. Christensen of Sunfreeware
BeOS port of 1.6 and 1.6.29 by Adam Milner
OpenVMS and SYSUAF.DAT support (signature) by Jean-loup Gailly
OpenVMS executables for Alpha and VAX (signature)
Local copies of these and many other related patches and packages are also available from the Openwall file archive.

Please refer to the wiki page on how to apply the patches.

John the Ripper is a part of Owl, Debian GNU/Linux, EnGarde Linux, Gentoo Linux, Mandriva Linux, and SUSE Linux. It is in the ports/packages collections of FreeBSD, NetBSD, and OpenBSD.

John the Ripper is a registered project with freshmeat and Ohloh.
Support further work on this software with donations.


Came here looking for password recovery for e-mail accounts or popular file formats (such as Word, Excel, or PDF documents, or ZIP archives) rather than ways to detect weak OS passwords? You'll find that kind of software at ElcomSoft, Rixler Software, and also in the collection of pointers to password recovery resources available locally.

Quick Comment:
Powered by Openwall GNU/*/Linux - Powered by OpenVZ

15977000

[/spoiler]

[~Jagris]

Shoutbawx says we where hacked.

[Serpious]

Shoutbawx says we where hacked.

Well that's not good for the community.

[Xel]

Our master Apoc already took care of it so no need to worry
Issue resolved.