Download and installation. Wget tar zxvf.tar.gz cd johnny/ ls john-1.7.3.1 john-1.7.3.1.tar.gz. John the Ripper is a fast password cracker which is intended to be both elements rich and quick. It combines a few breaking modes in one program and is completely configurable for your specific needs for Offline Password Cracking.
|
The following changes have been made between John 1.8.0 and 1.9.0:
* Increased the interleaving for bcrypt on x86-64 from 2x to 3x for a majorspeedup on CPUs without SMT. Unfortunately, this sometimes results in a minorperformance regression when running multiple threads on CPUs with SMT.
* Recognize the $2b$ bcrypt prefix.
* In the generic crypt(3) format, detect descrypt with valid vs. invalid saltsas separate id's for our heuristics on supported hash types.
* Introduced a number of optimizations for faster handling of large passwordhash files, including loading, cracking, and '--show'. Some of these use morememory than before, yet in a more efficient manner.
* Benchmark using all-different candidate passwords of length 7 by default.
* Dropped undocumented special handling of 'Mc' in 'c' and 'C' rule commands.
* Dropped undocumented limitation of the 'M' and 'Q' rule commands where theywould sometimes memorize/check only up to the current hash type's length limityet this optimization wouldn't necessarily be transparent (e.g., if a latercommand would extract a substring from above the hash type's length limit andbring it to within the limit).
* Implemented special-case handling of repeated rule commands '$', '^', '[',']', '{', and '}', as well as faster handling of the 'D' command.
* When built with '--fork' support, disallow session names with all-digitsuffixes since these clash with those produced by '--fork'.
* Forward SIGTERM to --fork'ed children.
* Set stdout to line buffered (rather than potentially fully buffered), exceptfor '--stdout', '--show', and auxiliary programs such as 'unshadow'.
* On Windows, restore normal processing of Ctrl-C in case our parent (such asJohnny the GUI) had disabled it.
* Added linux-x86*-avx512 and linux-x86*-avx2 make targets, which userespectively AVX-512 and AVX2 for bitslice DES.
* Added linux-mic make target for Intel MIC (first generation Xeon Phi, akaKnights Corner), which uses its 512-bit SIMD intrinsics for bitslice DES.(For second generation Xeon Phi, aka Knights Landing, use linux-x86-64-avx512.)
* Added linux-arm64le, linux-arm32le-neon, and linux-arm32le make targets.(The first two of these make use of ASIMD or NEON for bitslice DES.)
* Added linux-sparc64 make target.
* Made a minor optimization to MMX and SSE2 assembly code for LM hash.
* Dropped Ultrix and SCO support.
* Don't probe for alternate config file names (like john.ini when on Unix).
* 'DokuWiki' external mode sample has been added to the default john.conf.
* Fixed operator precedence in the external mode compiler to be the same as C.
* Fixed an out of bounds write bug in the external mode virtual machine.
* Fixed a bug introduced in version 1.7.4 in the wordlist rules engine, wheresome sequences of rule commands could overflow a word buffer.
* Fixed a bug where unaligned access SSE/AVX instructions would unnecessarilybe generated by GCC 4.6+ in the bitslice DES code in non-OpenMP builds.
* Fixed a bug where 'Warning: no OpenMP support for this hash type' could beprinted in '--stdout' mode.
* Made assorted other bugfixes, portability and documentation enhancements.
The following changes have been made between John 1.7.9.8 and 1.8.0:
* Revised the incremental mode to let the current character counts grow foreach character position independently, with the aim to improve efficiency interms of successful guesses per candidate passwords tested.
* Revised the pre-defined incremental modes, as well as external mode filtersthat are used to generate .chr files.
* Added makechr, a script to (re-)generate .chr files.
* Enhanced the status reporting to include four distinct speed metrics (g/s,p/s, c/s, and C/s).
* Added the '--fork=N' and '--node=MIN[-MAX]/TOTAL' options for trivialparallel and distributed processing.
* In the external mode compiler, treat character literals as unsigned.
* Renamed many of the formats.
* Updated the documentation.
* Relaxed the license for many source files to cut-down BSD.
* Relaxed the license for John the Ripper as a whole from GPLv2 (exact version)to GPLv2 or newer with optional OpenSSL and unRAR exceptions.
* Assorted other changes have been made.
The following changes have been made between John 1.7.9 and 1.7.9.8:
* Enhanced the support for DES-based tripcodes by making use of the bitsliceDES implementation and supporting OpenMP parallelization.
* Implemented bitmaps for fast initial comparison of computed hashes againstthose loaded for cracking. This is applied before hash table lookups, and itallows for the use of smaller hash tables (thereby saving memory) whileachieving the same or greater speed that larger hash tables previously did.The speed increase is due to improved locality of reference (where only thesmaller bitmap is accessed all the time, whereas the larger hash table behindit is only accessed for a percentage of comparisons and additionally it issmaller than it would otherwise need to be).
* Tuned the bitmap and hash table sizes and thresholds based on testing onsaltless hashes on a Core 2'ish CPU.
* When cracking LM hashes, don't store the ASCII encodings of the hashes inmemory, but instead reconstruct them from the binary hashes for writing intojohn.pot when a password gets cracked.
* With 32-bit x86 builds and at least MMX enabled, the 'two hashes at a time'code for bcrypt is now enabled for GCC 4.2 and newer. This change is madebased on benchmark results for different builds made with different versions ofGCC on CPUs ranging from Pentium 3 to Core i7. Unfortunately, there's a knownperformance regression with this change on Atom. Previously, this code wasonly enabled for x86-64 and/or OpenMP-enabled builds.
* The formats interface has been enhanced to better support GPU implementations(in jumbo), as well as fast hashes on multi-CPU systems (not yet made use of).
* Assorted minor corrections to Cygwin builds were made.
* Fixed a bug in the Keyboard external mode (uninitialized variables on'--restore' or when minlength is greater than 1).
* Enhanced the generic crypt(3) format to handle possible NULL returns fromcrypt() and crypt_r().
* Updated the FAQ.
The following changes have been made between John 1.7.8 and 1.7.9:
* Added optional parallelization of the MD5-based crypt(3) code with OpenMP.
* Added optional parallelization of the bitslice DES code with OpenMP.
* Replaced the bitslice DES key setup algorithm with a faster one, whichsignificantly improves performance at LM hashes, as well as at DES-basedcrypt(3) hashes when there's just one salt (or very few salts).
* Optimized the DES S-box x86-64 (16-register SSE2) assembly code.
* Added support for 10-character DES-based tripcodes (not optimized yet).
* Added support for the '$2y$' prefix of bcrypt hashes.
* Added two more hash table sizes (16M and 128M entries) for faster processingof very large numbers of hashes per salt (over 1M).
* Added two pre-defined external mode variables: 'abort' and 'status', whichlet an external mode request the current cracking session to be aborted or thestatus line to be displayed, respectively.
* Made some minor optimizations to external mode function calls and virtualmachine implementation.
* The '--make-charset' option now uses floating-point rather than 64-bitinteger operations, which allows for larger CHARSET_* settings in params.h.
* Added runtime detection of Intel AVX and AMD XOP instruction set extensions,with optional fallback to an alternate program binary.
* In OpenMP-enabled builds, added support for fallback to a non-OpenMP buildwhen the requested thread count is 1.
* Added relbench, a Perl script to compare two 'john --test' benchmark runs,such as for different machines, 'make' targets, C compilers, optimizationoptions, or/and versions of John the Ripper.
* Additional public lists of 'top N passwords' have been merged into thebundled common passwords list, and some insufficiently common passwords wereremoved from the list.
* Many minor enhancements and a few bug fixes were made.
The following changes have been made between John 1.7.7 and 1.7.8:
* The bitslice DES S-box expressions have been replaced with those generatedby Roman Rusakov specifically for John the Ripper. The corresponding assemblycode for x86 with MMX, SSE2, and for x86-64 with SSE2 has been re-generated.For other CPUs and for AVX/XOP, C compilers do a reasonably good job ofgenerating the code from the supplied C source files (with intrinsics whererelevant). The S-box expressions that we were using before had a 21% largergate count, so theoretically this could provide a 21% speedup. In practice,though, a 12% to 14% speedup at DES-based crypt(3) hashes is typical.This effort has been sponsored by Rapid7: https://www.rapid7.com
* Corrected support for bcrypt (OpenBSD Blowfish) hashes of passwordscontaining non-ASCII characters (that is, characters with the 8th bit set).Added support for such hashes produced by crypt_blowfish up to 1.0.4, whichcontained a sign extension bug (inherited from older versions of John).The old buggy behavior may be enabled per-hash, using the '$2x$' prefix.
* The external mode virtual machine's performance has been improved throughadditional multi-op instructions matching common instruction sequences(assign-pop and some triple- and quad-push VM instructions were added).
* A few minor bug fixes and enhancements were made.
The following changes have been made between John 1.7.6.1 and 1.7.7:
* Added Intel AVX and AMD XOP instruction sets support for bitslice DES(with C compiler intrinsics). New make targets: linux-x86-64-avx,linux-x86-64-xop, linux-x86-avx, and linux-x86-xop (these require recentversions of GCC and GNU binutils).
* A 'dummy' 'format' is now supported (plaintext passwords encoded inhexadecimal and prefixed with '$dummy$') - for faster testing and tuning ofcustom wordlists, rule sets, .chr files, and external modes on already known orartificial passwords, as well as for testing of future and modified versions ofJohn itself.
* Apache '$apr1$' MD5-based password hashes are now supported along with theFreeBSD-style MD5-based crypt(3) hashes that were supported previously. Hashesof both of these types may be loaded for cracking simultaneously.
* The '--salts' option threshold is now applied before removal of previouslycracked hashes for consistent behavior with interrupted and continued sessions.
* The 'Idle = Y' setting (which is the default) is now ignored forOpenMP-enabled hash types when the actual number of threads is greater than 1.(Unfortunately, it did not work right at least with GNU libgomp on Linux.)
* When a cracking session terminates or is interrupted, John will now warn theuser if the cracked passwords printed to the terminal while cracking arepotentially incomplete. It will advise the user to use the '--show' option tosee the complete set of cracked passwords with proper post-processing.
* When loading hashes specified on a line on their own (feature introduced in1.7.6), the loader will now ignore leading and trailing whitespace.
* Unless a hash type is forced from the command line, the loader will now printwarnings about additional hash types seen in the input files (beyond the hashtype autodetected initially).
* For use primarily by the jumbo patch (and later by future enhancements to theofficial versions as well), the loader now includes logic to warn the user ofambiguous hash encodings (e.g. LM vs. NTLM vs. raw-MD5, all of which may berepresented as 32 hexadecimal characters) and of excessive partial hashcollisions, which it works around (these are typically caused by an incompleteimplementation of a new hash type).
* The 'unique' and 'unshadow' programs have been made significantly faster.
* 'DateTime', 'Repeats', 'Subsets', 'AtLeast1-Simple', 'AtLeast1-Generic', and'Policy' external mode samples have been added to the default john.conf.
* The self-tests have been enhanced to detect more kinds of program bugs.
* A few minor bug fixes and enhancements were made.
The following changes have been made between John 1.7.6 and 1.7.6.1:
* Corrected a logic error introduced in JtR 1.7.4.2: in 'single crack' mode,we need a salt's key buffer even when we have no words corresponding to thatsalt's hashes to base candidate passwords on. We need this buffer to holdother salts' successful guesses for testing against this salt's hashes.
The following changes have been made between John 1.7.5.1 and 1.7.6:
* Generic crypt(3) support (enabled with '--format=crypt') has been added forauditing password hash types supported by the system but not yet supported byJohn's own optimized cryptographic routines (such as SHA-crypt and SunMD5).
* Optional parallelization of the above has been implemented by means of OpenMPalong with glibc's crypt_r(3) or Solaris' MT-safe crypt(3C).
* Optional parallelization of John's own optimized code for the OpenBSD-styleBlowfish-based crypt(3) (bcrypt) hashes with OpenMP has been added.
* A more suitable version of 32-bit x86 assembly code for Blowfish is nowchosen on Core i7 and similar CPUs (when they happen to run a 32-bit build).
* More optimal DES S-box expressions for PowerPC with AltiVec (making use ofthe conditional select operation) contributed by Dumplinger Boy (Dango-Chu)have been integrated.
* The bitslice DES C source code has been reworked to allow for the use ofarbitrary SIMD intrinsics, which was previously only implemented for AltiVecas a special case.
* Support for SSE2 and MMX intrinsics with bitslice DES (as an alternative tothe supplied assembly code) has been added (currently only enabled for SSE2 onx86-64 when compiling with GCC 4.4+).
* Support for mixed-type longer virtual vectors (such as SSE2+MMX, SSE2+ALU,AltiVec+ALU, and other combinations) with bitslice DES has been added (notenabled by default yet, primarily intended for easy benchmarks on future CPUs,with future compiler versions, with even more SIMD instruction sets, and withdifferent DES S-box expressions that might be available in the future).
* The obsolete 32-bit SPARC assembly implementation of DES has been dropped.
* The loader will now detect password hashes specified on a line on their own,not only as part of an /etc/passwd or PWDUMP format file.
* When run in '--stdin' mode and reading candidate passwords from a terminal(to be typed by the user), John will no longer mess with the terminal settings.
* John will now restore terminal settings not only on normal termination orinterrupt, but also when forcibly interrupted with two Ctrl-C keypresses.
The following changes have been made between John 1.7.5 and 1.7.5.1:
* A new numeric variable has been added to the word mangling rules engine:'p' for position of the character last found with the '/' or '%' commands.
The following changes have been made between John 1.7.4.2 and 1.7.5:
* Support for the use of '--format' along with '--show' or '--make-charset' hasbeen added.
* The choice of .rec and .log filenames for custom session names has been mademore intuitive.
* Support for 'r' (character lists with repeats) and 'p0' (reference to theimmediately preceding character list/range) has been added to the word manglingrules preprocessor.
* The undefined and undocumented behavior of some subtle word mangling rulespreprocessor constructs has been changed to arguably be more sensible.
* Some bugs were fixed, most notably JtR crashing on no password hashes loaded(bug introduced in 1.7.4.2).
The following changes have been made between John 1.7.4 and 1.7.4.2:
* Major performance improvements for processing of very large password filesor sets of files, especially with salt-less or same-salt hashes, achievedprimarily through introduction of two additional hash table sizes (64K and 1Mentries), changes to the loader, and smarter processing of successful guesses(to accommodate getting thousands of hashes successfully cracked per second).
* Many default buffer and hash table sizes have been increased and thresholdsfor the use of hash tables lowered, meaning that John will now tend to usemore memory to achieve better speed (unless it is told not to with the'--save-memory' option).
* Some previously missed common website passwords found on public lists of'top N passwords' have been added to the bundled common passwords list.
* Some bugs introduced in 1.7.4 and affecting wordlist mode's elimination ofconsecutive duplicate candidate passwords have been fixed.
The following changes have been made between John 1.7.3.4 and 1.7.4:
* Support for back-references and 'parallel' ranges has been added to theword mangling rules preprocessor.
* The notion of numeric variables (to be used for character positionsand substring lengths along with numeric constants supported previously)has been introduced into the rules engine. Two pre-defined variables('l' for initial or updated word's length and 'm' for initial ormemorized word's last character position) and 11 user-defined variables('a' through 'k') have been added. Additionally, there's a new numericconstant: 'z' for 'infinite' position or length.
* New rule commands have been added: 'A' (append, insert, or prefix with astring), 'X' (extract a substring from memory and insert), 'v' (subtractand assign to a numeric variable).
* New rule reject flags have been added: ':' (no-op, for use along with the'parallel' ranges feature of the preprocessor) and 'p' (reject unless wordpair commands are allowed, for sharing of the same ruleset between 'singlecrack' and wordlist modes).
* Processing of word mangling rules has been made significantly faster inmultiple ways (caching of the current length, less copying of data, codeand data placement changes for better branch prediction and L1 cache usage,compiler-friendly use of local variables, code micro-optimizations,removal of no-op rule commands in an initial pass).
* The default rulesets for 'single crack' and wordlist modes have beenrevised to make use of the new features, for speed, to produce fewerduplicates, and to attempt additional kinds of candidate passwords (suchas for years 2010 through 2019 with 'year-based' rules).
* The idle priority emulation code has been optimized for lower overhead whenthere appears to be no other demand for CPU time.
* The default for the Idle setting has been changed from N to Y.
The following changes have been made between John 1.7.3.1 and 1.7.3.4:
* 'make check' has been implemented (for Unix-like systems only).
* The '--test' option will now take an optional argument - the duration of eachbenchmark in seconds.
* Section .note.GNU-stack has been added to all assembly files to avoid thestack area unnecessarily being made executable on Linux systems that use thismechanism.
* Some very minor bugs that did not affect normal operation have been fixed.
* Some unimportant compiler warnings have been fixed, a source code comment hasbeen made more verbose and more complete.
The following changes have been made between John 1.7.3 and 1.7.3.1:
* Corrected the x86 assembly files for building on Mac OS X.
* Merged in some generic changes from JtR Pro.
The following changes have been made between John 1.7.2 and 1.7.3:
* Two Blowfish-based crypt(3) hashes may now be computed in parallel for muchbetter performance on modern multi-issue CPUs with a sufficient number ofregisters (e.g., x86-64).
* Bitslice DES assembly code for x86-64 has been converted to useinstruction pointer relative addressing (needed for Mac OS X support).
* New make targets: macosx-universal, macosx-x86-64, solaris-x86-64-cc,solaris-x86-64-gcc, solaris-x86-sse2-cc, solaris-x86-sse2-gcc,solaris-x86-mmx-cc, solaris-x86-mmx-gcc, solaris-x86-any-cc, linux-ia64;other changes to the Makefile.
* Minor bug fixes.
* 'DumbForce' and 'KnownForce' external mode samples have been added to thedefault john.conf.
The following changes have been made between John 1.7.1 and 1.7.2:
* Bitslice DES assembly code for x86-64 making use of the 64-bit modeextended SSE2 with 16 XMM registers has been added for better performanceat DES-based crypt(3) hashes with x86-64 builds on AMD processors.
* New make target for FreeBSD/x86-64.
The following changes have been made between John 1.7.0.2 and 1.7.1:
* Bitslice DES code for x86 with SSE2 has been added for better performanceat DES-based crypt(3) hashes on Pentium 4 and SSE2-capable AMD processors.
* Assorted high-level changes have been applied to improve performanceon current x86-64 processors.
* New make target for NetBSD/SPARC64.
* Minor source code cleanups.
The following changes have been made between John 1.7 and 1.7.0.2:
* Minor bug and portability fixes.
* Better handling of certain uncommon scenarios and improper uses of John.
* Bonus: 'Keyboard' cracker included in the default john.conf (john.ini)that will try sequences of adjacent keys on a keyboard as passwords.
The following changes have been made between John 1.6 and 1.7:
* Bitslice DES code for x86 with MMX: more than twice faster than oldernon-bitslice MMX code.
* Bitsliced the LM hash code as well: now several times faster.
* Significant improvements to the generic bitslice DES code: +20% on RISC.
* PowerPC G4+ AltiVec support (Mac OS X and Linux): effective 128-bitnessfor bitslice DES, resulting in huge speedups.
* First attempt at generic vectorization support for bitslice DES.
* Two MD5 hashes at a time for extra ILP on RISC: up to +80% on Alpha EV5+.
* Generic Blowfish x86 assembly code in addition to the original Pentiumversion: +15% on the Pentium Pro family (up to and including Pentium III),+20% on AMD K6 (Pentium 4 and newer AMD CPUs are more happy running theoriginal Pentium code for Blowfish).
* Verbose logging of events to the global or a session-specific log file.
* Better idle priority emulation with POSIX.1b (POSIX.4) scheduling calls.
* System-wide installation support for *BSD ports and Linux distributions.
* AIX, DU/Tru64 C2, HP-UX tcb files support in unshadow.
* New make targets for Linux/x86-64, Linux/PowerPC, FreeBSD/Alpha,OpenBSD/x86-64, OpenBSD/Alpha, OpenBSD/SPARC, OpenBSD/SPARC64,OpenBSD/PowerPC, OpenBSD/PA-RISC, OpenBSD/VAX, NetBSD/VAX, Solaris/SPARC64,Mac OS X (PowerPC and x86), SCO, BeOS.
* Bug and portability fixes, and new bugs.
* Bonus: 'Strip' cracker included in the default john.conf (john.ini).
John The Ripper 1.7.3.1 Pro Edition
$Owl: Owl/packages/john/john/doc/CHANGES,v 1.117 2019/04/12 01:03:53 solar Exp $