Cracking/auditing user passwords on recent Ubuntu, Fedora, and Solaris 10+ (SHA-crypt)

John the Ripper 1.7.6+

Detailed tutorials have been posted to the john-users list, separately for Linux (using Fedora 12 as the specific example) and for Solaris 10. These include optional OpenMP parallelization instructions and examples (to use multiple CPUs and/or CPU cores).

John the Ripper 1.7.9-jumbo-6+

CPU

In 1.7.9-jumbo-6 and newer (when compiled with OpenSSL 0.9.8 or newer), there's support for "--format=sha512crypt" and "--format=sha256crypt", which does not depend on the underlying OS and is typically about 35% faster than glibc's implementation on x86-64.

GPU

There's support for sha512crypt implemented in CUDA (for NVIDIA graphics cards) and OpenCL (for NVIDIA, AMD/ATI, and even CPUs). There's also support for the less common sha256crypt in CUDA (thus, NVIDIA only). To use these, John the Ripper needs to be built with a -gpu (both CUDA and OpenCL), -cuda, or -opencl make target, and then a proper format name needs to be requested, e.g. with "--format=sha512crypt-opencl".

As of this writing, the OpenCL code for sha512crypt is actually faster than the CUDA code, so it should be used on NVIDIA cards as well. In fact, it's faster on NVIDIA than on AMD (even though it's the other way around for most other password hashes). For example, it achieves about 11400 c/s (at the default of rounds=5000) on GTX 570 at 1600 MHz.
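When auditing, it helps to know which accounts still use the default rounds=5000 that the figure above refers to. The following is an added example, not code from the original page or from John the Ripper: it parses shadow-format lines, reports the matching format name and effective rounds, and scales the quoted sha512crypt rate. The function names and sample lines are constructed for illustration, and the scaling assumes cost is linear in rounds.

```python
import re

# Modular-crypt id -> (John the Ripper format name from this page, digest length)
FORMATS = {"5": ("sha256crypt", 43), "6": ("sha512crypt", 86)}
DEFAULT_ROUNDS = 5000                        # used when no rounds= field is present
MIN_ROUNDS, MAX_ROUNDS = 1000, 999_999_999   # SHA-crypt clamps rounds to this range
PAGE_RATE, PAGE_ROUNDS = 11400, 5000         # sha512crypt c/s on GTX 570, from this page

# $id$[rounds=N$]salt$digest ; salts longer than 16 characters are rejected here
SHA_CRYPT = re.compile(
    r"^\$(?P<id>[56])\$(?:rounds=(?P<rounds>\d+)\$)?"
    r"(?P<salt>[^$:\n]{0,16})\$(?P<digest>[./0-9A-Za-z]+)$")

def parse_sha_crypt(field):
    """Return a dict describing a SHA-crypt hash, or None for anything else."""
    m = SHA_CRYPT.match(field)
    if not m:
        return None
    name, digest_len = FORMATS[m["id"]]
    if len(m["digest"]) != digest_len:
        return None
    rounds = int(m["rounds"]) if m["rounds"] else DEFAULT_ROUNDS
    rounds = max(MIN_ROUNDS, min(MAX_ROUNDS, rounds))
    return {"format": name, "rounds": rounds, "salt": m["salt"],
            "explicit_rounds": m["rounds"] is not None}

def estimated_rate(rounds):
    """Assumption: cost is linear in rounds, so scale the page's sha512crypt figure."""
    return PAGE_RATE * PAGE_ROUNDS / rounds

def audit_shadow(text):
    """Yield (user, info) for each SHA-crypt entry in shadow-format text."""
    for line in text.splitlines():
        parts = line.split(":")
        info = parse_sha_crypt(parts[1]) if len(parts) > 1 else None
        if info:
            yield parts[0], info

# Constructed sample: digests are filler characters, not real hashes.
SAMPLE = "\n".join([
    "alice:$6$saltsalt$" + "A" * 86 + ":15000:0:99999:7:::",
    "bob:$6$rounds=100000$othersalt$" + "B" * 86 + ":15000:0:99999:7:::",
    "carol:$5$abc$" + "C" * 43 + ":15000:0:99999:7:::",
    "daemon:*:15000:0:99999:7:::",
])

if __name__ == "__main__":
    for user, info in audit_shadow(SAMPLE):
        note = (f" ~{estimated_rate(info['rounds']):.0f} c/s"
                if info["format"] == "sha512crypt" else "")
        print(f"{user}: --format={info['format']} rounds={info['rounds']}{note}")
```

Accounts reported with rounds=5000 and no explicit rounds field are the ones the benchmark figure applies to directly; raising the rounds setting lowers the achievable guess rate proportionally under the stated assumption.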