HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 38 guests and 1 member online
 
Free Business and Tech Magazines and eBooks

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Otherarrow How do you use John the Ripper - non-tech question
EH-Net
May 23, 2013, 05:28:09 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: How do you use John the Ripper - non-tech question  (Read 5907 times)
0 Members and 1 Guest are viewing this topic.
Ants
Newbie
*
Offline Offline

Posts: 25


View Profile
« on: June 15, 2009, 05:59:31 PM »
Please note, this is not a technical question.

I am doing some research on Dictionary based password cracking that will hopefully be of use for optimisation.

So I was wondering how do most professional hackers use JTR.

Do you normally use it for just cracking one password at a time or do you use a short or long list of passwords? Also, how long would you leave it running before you gave up and tried another method?

Thanks

Ants
« Last Edit: June 15, 2009, 06:02:07 PM by Ants » Logged
CEH, GPEN, GCFW
Ketchup
Hero Member
*****
Offline Offline

Posts: 1021



View Profile
« Reply #1 on: June 15, 2009, 10:30:57 PM »
Well, I wouldn't call myself a professional hacker, but I use JTR mostly on Linux.   On Windows, I prefer Cain and Abel.   I use it for both, a single password and groups of passwords cracking.    I typically don't run it for more than a few days. 
Logged
~~~~~~~~~~~~~~
Ketchup
Jhaddix
Sr. Member
****
Offline Offline

Posts: 317



View Profile WWW
« Reply #2 on: June 15, 2009, 10:59:17 PM »
however many hashes i get from a box is how many i run john on, and will continue to run it on a non production machine until the engagement is close to reporting. Distributed jtr is my next goal to quicken the cracking process. jtr is vital to pentests, hope that helps
Logged
GSEC, GPEN, GWAPT, ECPPT, WAHHlive, LSOAdvancedPenTester

http://www.securityaegis.com
http://www.pentesterscripting.com
http://code.google.com/p/pentest-bookmarks/
UNIX
Hero Member
*****
Offline Offline

Posts: 1235


View Profile
« Reply #3 on: June 16, 2009, 12:08:15 AM »
I really like JTR too but I don't need it often. I use it for both single and multi. Depending if time is an important key I would let it run also for a longer period of time on a seperate machine.
Logged
jimbob
Guest
« Reply #4 on: June 16, 2009, 02:21:37 AM »
It depends on what you are trying to achieve. If you just want to prove a point JTR in single crack mode can reveal the weakest passwords in seconds and demonstrates the need for good password policy. I use longer runs when I want to leverage the passwords I find to get deeper.

Jimbob
Logged
Ants
Newbie
*
Offline Offline

Posts: 25


View Profile
« Reply #5 on: June 16, 2009, 08:35:40 AM »
Hey thanks guys. That helps me a lot.
Logged
CEH, GPEN, GCFW
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.069 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Free Business and Tech Magazines and eBooks

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.