Skills2026年5月15日·1 分钟阅读

John the Ripper — Advanced Offline Password Security Auditor

A fast offline password cracker supporting hundreds of hash types, used by security professionals to audit password strength and test credential policies.

Agent 就绪

先审查再安装

这个资产需要先审查。复制的指令会要求 Agent dry-run、列出写入项,确认后再继续。

Needs Confirmation · 64/100策略:需确认
Agent 入口
任意 MCP/CLI Agent
类型
Skill
安装
Single
信任
信任等级:Established
入口
John the Ripper Overview
先审查命令
npx -y tokrepo@latest install bba35ac4-509b-11f1-9bc6-00163e2b0d79 --target codex

先 dry-run,确认写入项后再运行此命令。

Introduction

John the Ripper is a password security auditing tool designed to detect weak passwords by testing hashed credentials against wordlists, rules, and brute-force patterns. The community-enhanced jumbo version supports over 300 hash and cipher types, making it an essential tool for penetration testers and system administrators auditing password policies.

What John the Ripper Does

  • Cracks password hashes using dictionary, rule-based, and incremental brute-force modes
  • Supports over 300 hash types including Unix crypt, NTLM, Kerberos, and application-specific formats
  • Automatically detects hash formats from input files
  • Distributes workload across multiple CPU cores and optional GPU acceleration via OpenCL
  • Extracts hashes from encrypted archives, documents, and disk images with companion tools

Architecture Overview

John is written in C with heavy use of SIMD intrinsics (SSE2, AVX2, AVX-512) for high-throughput hash computation. The jumbo fork adds OpenCL GPU kernels for supported hash types. A rule engine transforms wordlist entries through character substitutions, appends, and mangling operations. Session management allows pausing and resuming long-running cracks.

Self-Hosting & Configuration

  • Available in most Linux distribution repositories as the core or jumbo package
  • Builds from source with autoconf; GPU support requires OpenCL headers
  • Configuration lives in john.conf with sections for wordlist rules and cracking modes
  • Session files (.rec) allow resuming interrupted runs
  • Works on Linux, macOS, Windows, and various Unix-like systems

Key Features

  • Automatic hash format detection from standard password file formats
  • Rule engine with over 100 built-in mangling rules for smart wordlist expansion
  • Incremental mode for exhaustive character-space brute-force
  • External mode for user-defined cracking algorithms written in C-like syntax
  • MPI and fork-based parallelism for distributed cracking across multiple machines

Comparison with Similar Tools

  • Hashcat — GPU-focused cracker with broader GPU support; John excels at CPU-based cracking and format variety
  • Hydra — online brute-forcer against live services; John works offline against extracted hashes
  • CrackStation — online rainbow table lookup; John handles custom salted hashes that rainbow tables cannot
  • Ophcrack — Windows password cracker using rainbow tables; John supports far more hash types
  • L0phtCrack — commercial Windows password auditor; John is free and cross-platform

FAQ

Q: What is the difference between John and Hashcat? A: John excels at CPU-based cracking with broad format support and flexible rules. Hashcat is optimized for GPU-accelerated cracking. Many professionals use both.

Q: Can John crack encrypted ZIP or PDF files? A: Yes. Companion tools like zip2john, pdf2john, and rar2john extract hashes from encrypted archives for cracking.

Q: Does it support GPU acceleration? A: The jumbo version supports OpenCL for many hash types, enabling GPU acceleration on compatible hardware.

Q: Is it legal to use? A: Password cracking tools are legal to use on systems you own or have explicit authorization to test. They are standard tools in authorized penetration testing.

Sources

讨论

登录后参与讨论。
还没有评论,来写第一条吧。

相关资产