Crack Passwords using John the Ripper with Multiple CPU Cores (OpenMP)

John the Ripper is a fast and famous password cracker.

John can break many password hashes, but one of the primary missing feature was the CPU multiple core support. But today, John the Ripper 1.7.9 supports OpenMP which brings Multi-Processing. Of course this feature was present on some patched versions of John, but since the 1.7.9 version it is officially integrated.

One of the best platform on which you should use John the Ripper is UNIX, I personally prefer running john on Debian x86_64.

Let’s try some simple steps to enable and illustrate the new feature

  • First go to http://www.openwall.com/john/, and download the latest version. When I write this article the latest stable release was 1.7.9.

    $ wget http://www.openwall.com/john/g/john-1.7.9.tar.gz
    $ tar -xvzf john-1.7.9.tar.gz

  • Now let’s make some changes inside the Makefile to enable the use of OpenMP

    $ cd john-1.7.9/src/
    john-1.7.9/src$ nano Makefile

  • Locate the following lines:

    # gcc with OpenMP
    #OMPFLAGS = -fopenmp
    #OMPFLAGS = -fopenmp -msse2
    
  • Uncomment OMPFLAGS

    # gcc with OpenMP
    OMPFLAGS = -fopenmp
    OMPFLAGS = -fopenmp -msse2
    
  • Before compiling john, make sure you have gcc installed! Now, let’s compile john.

    john-1.7.9/src$ make

    This command will list all the systems where john can be compiled on. So, because I’m running Debian x86_64, I will choose linux-x86-64.

    john-1.7.9/src$ make linux-x86-64

    John should be located in the ../run folder.

  • Let’s try John

    john-1.7.9/src$ cd ../run/
    john-1.7.9/run$ ./john --test

    Some benches should appear…

    Benchmarking: Traditional DES [128/128 BS SSE2-16]... DONE
    Many salts: 7651K c/s real, 3872K c/s virtual
    Only one salt:  6876K c/s real, 3487K c/s virtual
    

    At this stage, John should now use all your CPU cores.

  • Now let’s do something fun, if you want John to use a certain amount of cores you can adjust it with the environment variable OMP_NUM_THREADS:

    john-1.7.9/run$ OMP_NUM_THREADS=1 ./john --test

    Benchmarking: Traditional DES [128/128 BS SSE2-16]... DONE
    Many salts: 3982K c/s real, 3990K c/s virtual
    Only one salt:  3770K c/s real, 3770K c/s virtual
    

    As you can see, this bench is twice slower than the previous one. That's because I requested OpenMP to use only one core on my dual-core CPU.

    Feel free to adjust the number of cores you want to use with OMP_NUM_THREADS.

Three other quick tips regarding John the Ripper

  • Restore your previous job in background

    ./john --restore &> /dev/null &

  • Get the status for the current task

    ./john --status

  • Display the plain passwords (cracked hashes)

    ./john --show hash_file

 Let’s see if you can crack some of my UNIX accounts

baby:$6$rc7o1BLw$Qsl9hnQx7W3C3KDagDkWXAXDx0vDWqwM0BOOeQyotXzCvUs6DeijTp3zBsbjCw4ou2OoJXKf6qNC5pEGEsjZF/
mat:$6$Ajsi.AJy$GdZ3iGYzaUk.NoTkGrSpTotskDyg3FIrBMjya7un.WE4r.P/RdhwRb2e6mmdJWZrLHgNuCc1CUEVtj5l4qVec1
milou:$6$UYj2H.Jq$ChyawjKf3XQVftrVpnDEsFFph1P0pElDv3GuBXXTy2ICbB3oVE/6mhyo3poCD532B03fYMSWgR3D7E.qFyXnk/
superman:$6$8HZYSst1$F/8U5nPD9grY/kaC3jWVZcqdawRsa3t9PKKWSI6MZwR9T2vCs8jxWajx7vYcHtSPe0FbIf8LnMDJESTrmaAx7.
toto:$6$Mzwiuppo$4aSvxLcbDD7hhnWj9vr9js7/VZ5hNhrq/b07PVfMc9Y4SeNMNtHci8XYUTAxF7c3qv3uHqByKzdFPAV3KBBog0
master:$6$Jyv/bLLH$wC1eBBFpPclSwNuS5Lkj1ciqZCtO4d/FQ/8RuWrHRejvAZSn4zSmGDaTYwwgOofytlhwTHD8vE3QuqRYmFdKj0

Have fun with my friend John!

Related terms: