John the Ripper v1.7.5
Description
Among other things, John the Ripper can recover passwords from the LM hash (case-insensitive) and the NTLM hash (case-sensitive) of a PC running Windows NT/2000/XP/2003/Vista/2008/7.
Supported algorithms:
- Traditional DES
- BSDI DES
- FreeBSD MD5
- OpenBSD Blowfish
- Kerberos AFS DES
- NT LM DES
- NT MD4
- Mac OS X 10.4+ salted SHA-1
- M$ Cache Hash
- Apache MD5
- HMAC MD5
- Post.Office MD5
- Raw MD5
- Generic MD5
- PHPass MD5
- IPB2 MD5
- Raw SHA-1
- Kerberos v5 TGT
- Netscape LDAP SHA
- Netscape LDAP SSHA
- OpenLDAP SSHA
- Eggdrop
- Oracle
- Oracle 11g
- MYSQL
- MYSQL_fast
- MySQL 4.1 double-SHA-1
- Lotus5
- More Secure Internet Password (Lotus v6)
- LM Network Challenge/Response (LM C/R DES)
- NTLMv1 Network Challenge/Response (NTLMv1 C/R MD4 DES)
- LMv2 C/R MD4 HMAC-MD5
- NTLMv2 C/R MD4 HMAC-MD5
- HalfLM C/R DES
- MS-SQL (2000)
- MS-SQL05 (2005)
- EPiServer SID Hashes
- PHPS MD5
- PIX MD5
- SAP CODVN G
- SAP BCODE
- Netscreen MD5
- HTTP Digest access authentication
Using John the Ripper
When John is run without options, it runs four modes in succession, from fastest to slowest: single, wordlist (dictionary), rules (mangling rules applied to the wordlist), incremental (brute force).
Usage: john [OPTIONS] [PASSWORD-FILES]
--single[=SECTION] "single crack" mode
--wordlist=FILE --stdin wordlist mode, read words from FILE or stdin
--rules[=SECTION] enable word mangling rules for wordlist mode
--incremental[=MODE] "incremental" mode [using section MODE]
--markov[=LEVEL[:START:END[:MAXLEN]]] "Markov" mode (see documentation)
--external=MODE external mode or word filter
--stdout[=LENGTH] just output candidate passwords [cut at LENGTH]
--restore[=NAME] restore an interrupted session [called NAME]
--session=NAME give a new session the NAME
--status[=NAME] print status of a session [called NAME]
--make-charset=FILE make a charset, FILE will be overwritten
--show[=LEFT] show cracked passwords [if =LEFT, then uncracked]
--test[=TIME] run tests and benchmarks for TIME seconds each
--users=[-]LOGIN|UID[,..] [do not] load this (these) user(s) only
--groups=[-]GID[,..] load users [not] of this (these) group(s) only
--shells=[-]SHELL[,..] load users with[out] this (these) shell(s) only
--salt-list=SALT[,SALT,..] load just the specified salt(s)
--salts=[-]COUNT[:MAX] load salts with[out] at least COUNT passwords only
(or in range of COUNT to MAX)
--pot=NAME pot file to use
--format=NAME force hash type NAME:
DES/BSDI/MD5/BF/AFS/LM/NT/XSHA/PO/raw-MD5/MD5-gen/
IPB2/raw-sha1/md5a/hmac-md5/phpass-md5/KRB5/bfegg/
nsldap/ssha/openssha/oracle/oracle11/MYSQL/
mysql-sha1/mscash/lotus5/DOMINOSEC/
NETLM/NETNTLM/NETLMv2/NETNTLMv2/NETHALFLM/
mssql/mssql05/epi/phps/mysql-fast/pix-md5/sapG/
sapB/md5ns/HDAA
--subformat=NAME Some formats such as MD5-gen have subformats
(like md5_gen(0), md5_gen(7), etc).
This allows them to be specified.
If the name is LIST, then john will show all
subformats (help mode), and exit
--save-memory=LEVEL enable memory saving, at LEVEL 1..3
--mem-file-size=SIZE max size a wordlist file will preload into memory
(default 5,000,000 bytes)
--field-separator-char=c Use 'c' instead of the ':' for processing fields
(input file, pot file, etc)
--fix-state-delay=# number of times the fix_state() function is called
prior to issuing a fseek() system call.
It is an performance gain to delay a while
(say 100 loops for a fast algorithm).
For slow algorithms it does not matter
mypasswd.txt : file containing the LM or NTLM hash
john mypasswd.txt : Runs John the Ripper in normal mode
john --single mypasswd.txt : Runs John the Ripper in single crack mode
john --wordlist=password.lst --rules mypasswd.txt : Runs John the Ripper with a list of the most commonly used passwords and the defined rules
john --incremental=mymode mypasswd.txt : Runs John the Ripper in brute-force mode, trying all character combinations within a given range
The john.conf file contains all the rule definitions, both default and modified
john --make-charset=mycharset.chr mypasswd.txt : Generates the charset file mycharset.chr from the passwords already cracked
john --make-charset=mycharset.chr : Generates the charset file mycharset.chr from the john.conf file
john --show mypasswd.txt : Displays the cracked passwords recorded in the john.pot file
Examples:
Editing mypasswd.txt:
Administrator:500:bac14d04669ee1d1aad3b435b51404ee:fbbf55d0ef0e34d39593f55c5f2ca5f2:::
Testuser:1003:0182bd0bd4444bf8aad3b435b51404ee:328727b81ca05805a68ef26acb252039:::
PasswordOne:500:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
john --show mypasswd.txt
Administrator:TOTO:500:::
Testuser:1234567:1003:::
PasswordOne:PASSWORD:500:::
3 password hashes cracked, 0 left
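The sample above shows why LM storage is the weak point: the cracked passwords come back in upper case, and the LM field splits into two 7-character halves, the second being aad3b435b51404ee whenever the password has 7 characters or fewer. The audit script below is an added example, not part of the original page or of John the Ripper; it flags accounts in such a dump that still carry an LM hash. The NoLmUser line, its dummy NT hash and the finding labels are constructed for the illustration.

```python
import re

# LM hash of an all-null 7-byte half; appears whenever a half of the password is empty.
EMPTY_LM_HALF = "aad3b435b51404ee"
HEX32 = re.compile(r"[0-9a-fA-F]{32}")

# The three lines shown on this page, plus one constructed line (NoLmUser, with
# a dummy NT hash) representing an account for which no LM hash is stored.
SAMPLE = """\
Administrator:500:bac14d04669ee1d1aad3b435b51404ee:fbbf55d0ef0e34d39593f55c5f2ca5f2:::
Testuser:1003:0182bd0bd4444bf8aad3b435b51404ee:328727b81ca05805a68ef26acb252039:::
PasswordOne:500:e52cac67419a9a224a3b108f3fa6cb6d:8846f7eaee8fb117ad06bdd830b7586c:::
NoLmUser:1004:aad3b435b51404eeaad3b435b51404ee:00112233445566778899aabbccddeeff:::
"""


def classify(line):
    """Return (user, finding) for one user:rid:lm:nt::: line."""
    fields = line.strip().split(":")
    if len(fields) < 4:
        raise ValueError("expected user:rid:lm:nt, got %r" % line)
    user, _rid, lm, nt = fields[:4]
    if not HEX32.fullmatch(nt):
        raise ValueError("bad NT hash field for %s" % user)
    # Some dump tools write a "NO PASSWORD***..." marker instead of the empty LM hash.
    if lm.upper().startswith("NO PASSWORD"):
        return user, "no-lm"
    if not HEX32.fullmatch(lm):
        raise ValueError("bad LM hash field for %s" % user)
    first, second = lm[:16].lower(), lm[16:].lower()
    if first == EMPTY_LM_HALF and second == EMPTY_LM_HALF:
        return user, "no-lm"        # only the case-sensitive NT hash is usable
    if second == EMPTY_LM_HALF:
        return user, "lm-le7"       # password fits in the first 7-character half
    return user, "lm-8to14"         # two independent 7-character halves


def audit(text):
    """Classify every non-empty line of a dump; returns a list of (user, finding)."""
    return [classify(l) for l in text.splitlines() if l.strip()]


if __name__ == "__main__":
    for user, finding in audit(SAMPLE):
        print("%-14s %s" % (user, finding))
```

Any finding other than no-lm marks an account whose password should be changed after LM hash storage has been disabled, since the LM field remains in the account database until the next password change.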
john --test
Benchmarking: Traditional DES [24/32 4K]... DONE
Many salts: 225293 c/s
Only one salt: 213021 c/s
Benchmarking: BSDI DES (x725) [24/32 4K]... DONE
Many salts: 7307 c/s
Only one salt: 7061 c/s
Benchmarking: FreeBSD MD5 [32/32]... DONE
Raw: 4815 c/s
Benchmarking: OpenBSD Blowfish (x32) [32/32]... DONE
Raw: 317 c/s
Benchmarking: Kerberos AFS DES [24/32 4K]... DONE
Short: 205080 c/s
Long: 458069 c/s
Benchmarking: LM DES [32/32 BS]... DONE
Raw: 3347K c/s
Benchmarking: NT MD4 [32/32]... DONE
Raw: 6181K c/s
Benchmarking: Mac OS X 10.4+ salted SHA-1 [32/32]... DONE
Many salts: 1738K c/s
Only one salt: 1516K c/s
Benchmarking: M$ Cache Hash [Generic 1x]... DONE
Many salts: 9127K c/s
Only one salt: 3659K c/s
Benchmarking: Apache MD5 [32/32]... DONE
Raw: 5294 c/s
Benchmarking: HMAC MD5 [hmac-md5]... DONE
Raw: 681335 c/s
Benchmarking: Post.Office MD5 [STD]... DONE
Many salts: 1572K c/s
Only one salt: 1440K c/s
Benchmarking: Raw MD5 [raw-md5 64x1]... DONE
Raw: 2766K c/s
Benchmarking: md5_gen(0): md5($p) (raw-md5) [md5-gen 64x1]... DONE
Raw: 2064K c/s
Benchmarking: md5_gen(1): md5($p.$s) (joomla) [md5-gen 64x1]... DONE
Many salts: 2183K c/s
Only one salt: 1867K c/s
Benchmarking: md5_gen(2): md5(md5($p)) (e107) [md5-gen 64x1]... DONE
Raw: 1125K c/s
Benchmarking: md5_gen(3): md5(md5(md5($p))) [md5-gen 64x1]... DONE
Raw: 775526 c/s
Benchmarking: md5_gen(4): md5($s.$p) (OSC) [md5-gen 64x1]... DONE
Many salts: 2089K c/s
Only one salt: 1766K c/s
Benchmarking: md5_gen(5): md5($s.$p.$s) [md5-gen 64x1]... DONE
Many salts: 1854K c/s
Only one salt: 1688K c/s
Benchmarking: md5_gen(6): md5(md5($p).$s) [md5-gen 64x1]... DONE
Many salts: 2322K c/s
Only one salt: 1006K c/s
Benchmarking: md5_gen(7): md5(md5($p).$s) (vBulletin) [md5-gen 64x1]... DONE
Many salts: 2541K c/s
Only one salt: 1087K c/s
Benchmarking: md5_gen(8): md5(md5($s).$p) [md5-gen 64x1]... DONE
Many salts: 1083K c/s
Only one salt: 998582 c/s
Benchmarking: md5_gen(9): md5($s.md5($p)) [md5-gen 64x1]... DONE
Many salts: 2141K c/s
Only one salt: 976268 c/s
Benchmarking: md5_gen(10): md5($s.md5($s.$p)) [md5-gen 64x1]... DONE
Many salts: 1087K c/s
Only one salt: 1005K c/s
Benchmarking: md5_gen(11): md5($s.md5($p.$s)) [md5-gen 64x1]... DONE
Many salts: 1032K c/s
Only one salt: 983594 c/s
Benchmarking: md5_gen(12): md5(md5($s).md5($p)) (IPB) [md5-gen 64x1]... DONE
Many salts: 1502K c/s
Only one salt: 750545 c/s
Benchmarking: md5_gen(13): md5(md5($p).md5($s)) [md5-gen 64x1]... DONE
Many salts: 1313K c/s
Only one salt: 711337 c/s
Benchmarking: md5_gen(14): md5($s.md5($p).$s) [md5-gen 64x1]... DONE
Many salts: 1756K c/s
Only one salt: 787171 c/s
Benchmarking: md5_gen(17): phpass ($P$ or $H$) [md5-gen 64x1]... DONE
Many salts: 1023 c/s
Only one salt: 1237 c/s
Benchmarking: PHPass MD5 [phpass-md5]... Using phpass mode, by linking to md5_gen(17) functions DONE
Many salts: 1300 c/s
Only one salt: 1224 c/s
Benchmarking: IPB2 MD5 [Invision Power Board 2.x salted MD5]... DONE
Many salts: 1420K c/s
Only one salt: 890131 c/s
Benchmarking: Raw SHA-1 [raw-sha1]... DONE
Raw: 1918K c/s
Benchmarking: Kerberos v5 TGT [krb5 3DES (des3-cbc-sha1)]... DONE
Raw: 18984 c/s
Benchmarking: Netscape LDAP SHA [SHA-1]... DONE
Raw: 1643K c/s
Benchmarking: Netscape LDAP SSHA [salted SHA-1]... DONE
Many salts: 1520K c/s
Only one salt: 1464K c/s
Benchmarking: OpenLDAP SSHA [salted SHA-1]... DONE
Many salts: 1341K c/s
Only one salt: 1358K c/s
Benchmarking: Eggdrop [blowfish]... DONE
Raw: 8779 c/s
Benchmarking: Oracle [oracle]... DONE
Raw: 460304 c/s
Benchmarking: Oracle 11g [oracle11]... DONE
Many salts: 1865K c/s
Only one salt: 1583K c/s
Benchmarking: MYSQL [mysql]... DONE
Raw: 1129K c/s
Benchmarking: MySQL 4.1 double-SHA-1 [mysql-sha1]... DONE
Raw: 1021K c/s
Benchmarking: Lotus5 [Lotus v5 Proprietary]... DONE
Raw: 167076 c/s
Benchmarking: More Secure Internet Password [RSA MD defined by BSAFE 1.x - Lotus v6]... DONE
Many salts: 99673 c/s
Only one salt: 59958 c/s
Benchmarking: LM C/R DES [netlm]... DONE
Many salts: 284166 c/s
Only one salt: 332880 c/s
Benchmarking: NTLMv1 C/R MD4 DES [netntlm]... DONE
Many salts: 374223 c/s
Only one salt: 385788 c/s
Benchmarking: LMv2 C/R MD4 HMAC-MD5 [netlmv2]... DONE
Many salts: 236377 c/s
Only one salt: 225402 c/s
Benchmarking: NTLMv2 C/R MD4 HMAC-MD5 [netntlmv2]... DONE
Many salts: 241829 c/s
Only one salt: 230556 c/s
Benchmarking: HalfLM C/R DES [nethalflm]... DONE
Many salts: 799218 c/s
Only one salt: 810336 c/s
Benchmarking: MS-SQL [ms-sql]... DONE
Many salts: 2175K c/s
Only one salt: 1961K c/s
Benchmarking: MS-SQL05 [ms-sql05]... DONE
Many salts: 2070K c/s
Only one salt: 2062K c/s
Benchmarking: EPiServer SID Hashes [SHA-1]... DONE
Many salts: 2052K c/s
Only one salt: 2010K c/s
Benchmarking: PHPS MD5 [MD5(MD5($pass).$salt) MD5]... Using phps mode, by linking to md5_gen(6) functions DONE
Many salts: 2741K c/s
Only one salt: 1126K c/s
Benchmarking: MYSQL_fast [mysql-fast]... DONE
Raw: 13117K c/s
Benchmarking: PIX MD5 [pix-md5]... DONE
Raw: 2284K c/s
Benchmarking: SAP CODVN G (PASSCODE) [sapg]... DONE
Many salts: 512499 c/s
Only one salt: 463151 c/s
Benchmarking: SAP BCODE [sapb]... DONE
Many salts: 572054 c/s
Only one salt: 531462 c/s
Benchmarking: Netscreen MD5 [NS MD5]... DONE
Raw: 1772K c/s
Benchmarking: HTTP Digest access authentication [HDAA-MD5]... DONE
Many salts: 688041 c/s
Only one salt: 677374 c/s