Password cracking and password recovery software

Objectives

The goal in the context of the project is to gain knowledge and skills about using of Password cracking and password recovery software, for example, Hashcat advanced password recovery and John the Ripper password cracker.

HashCat is a well-known and the self-proclaimed world’s fastest and most advanced password cracking tool. This tool has 7 attack modes for 200+ highly-optimized hashing algorithms (MD4, MD5, SHA-family, Unix Crypt, MySQL, Cisco Pix, etc.). It currently supports: CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking.

Features:

  • World’s fastest password cracker, first and only in-kernel rule engine.
  • Free and Open-Source (MIT License).
  • Multi-OS (Linux, Windows and macOS) and Multi-Platform (CPU, GPU, DSP, FPGA, etc.).
  • Can crack multiple hashes at the same time.
  • Multi-Devices & Multi-Device-Types : utilizing multiple (mixed) devices in same system.
  • Supports: password candidate brain functionality, distributed cracking networks (using overlay), interactive pause/resume, sessions, restore, reading password candidates from file and stdin, hex-salt and hex-charset, automatic performance tuning, automatic keyspace ordering markov-chains.
  • Built-in benchmarking system.
  • Integrated thermal watchdog.
  • 200+ Hash-types implemented with performance in mind.
  • GPU DriverRequirements:
  • AMD GPUs on Linux: RadeonOpenCompute (ROCm) Software Platform (1.6.180+)
  • AMD GPUs on Windows: AMD Radeon Software Crimson Edition (15.12+)
  • Intel CPUs: OpenCL Runtime for Intel Core and Intel Xeon Processors (16.1.1+)
  • Intel GPUs on Linux: OpenCL 2.0 GPU Driver Package for Linux (2.0+)
  • Intel GPUs on Windows: OpenCL Driver for Intel Iris and Intel HD Graphics
  • NVIDIA GPUs: NVIDIA Driver (367.x+)

Attack Modes: Brute-Force attack; Combinator attack; Dictionary attack; Hybrid attack; Mask attack; Rule-based attack; Toggle-Case attack.


John the Ripper password cracker

John the Ripper is an Open Source password security auditing and password recovery tool available for many operating systems. John the Ripper jumbo supports hundreds of hash and cipher types, including for: user passwords of Unix flavors (Linux, *BSD, Solaris, AIX, QNX, etc.), macOS, Windows, "web apps" (e.g., WordPress), groupware (e.g., Notes/Domino), and database servers (SQL, LDAP, etc.); network traffic captures (Windows network authentication, WiFi WPA-PSK, etc.); encrypted private keys (SSH, GnuPG, cryptocurrency wallets, etc.), filesystems and disks (macOS .dmg files and "sparse bundles", Windows BitLocker, etc.), archives (ZIP, RAR, 7z), and document files (PDF, Microsoft Office's, etc.) These are just some of the examples - there are many more.

John the Ripper is free and Open Source software, distributed primarily in source code form. John the Ripper Pro is distributed primarily in the form of commercial "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance.


Proceed to John the Ripper Pro homepage for your OS:

  • John the Ripper Pro for Linux
  • John the Ripper Pro for macOS
  • On Windows, consider Hash Suite (developed by a contributor to John the Ripper)
  • On Android, consider Hash Suite Droid
Resources for future reading:




Last modified: Saturday, 10 July 2021, 3:29 PM