john: Again, a tool is just a tool

The gods of chance seem to favor tools with the potential for less-than-pristine motives today. First pirate-get and now john.


john, a/k/a John the Ripper, is a password cracker … and this is where I acknowledge my rudimentary understanding of security and cryptography, because a lot of what john does is … way beyond my scope.

I did get it running in an acceptable fashion though, as you can see above. The john wiki is replete with tutorials of all levels, on how to make it work in just about any conceivable fashion. I’ll give you a hint: If you want to see a progress update, smack the space bar and john will let you know how far along he is.

Oh, and not that it matters to you, but I hear there’s a GUI for john, too. πŸ˜‰

I feel john would do best on a multiprocessor machine with some real oomph to it; I understand that it can not only take advantage of multiple CPUs, but knows enough to handle multiple threads per core. There are machines available to consumers that would no doubt tear through a run-of-the-mill job with john in a matter of hours, if not minutes.

But as you can see, I didn’t bother waiting for john to find my own password. It would be a while, not just because this is a single-processor machine from 12 years ago, but because my password is not a recognizable word. Not that it would take long to find it, but it could take longer.

I leave you to experiment with john; there have been terrifically few times in my life when I needed any kind of password cracking utility, and so each time has been a new experience and I relearn everything over again. If you’re in the market for a password cracker, john might work for you. Only you can be sure. πŸ˜‰