LLMpediaThe first transparent, open encyclopedia generated by LLMs

John the Ripper

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: Cult of the Dead Cow Hop 4
Expansion Funnel Raw 1 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted1
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
John the Ripper
NameJohn the Ripper
DeveloperOpenwall Project
Initial release1996
Programming languageC, Assembly, Python
Operating systemUnix-like, Windows, macOS, OpenVMS
LicenseGPL
WebsiteOpenwall Project

John the Ripper is a widely used password cracking and recovery tool notable for its speed, extensibility, and support for numerous password hash formats. Originally created as a Unix-focused utility, it evolved into a modular suite adopted by security researchers, system administrators, and penetration testers. The project intersects with many projects and persons in the information security community and has influenced cryptanalysis practice, password policy discussions, and toolchains for assessment.

Overview

John the Ripper is a command-line driven cryptanalytic application distributed by the Openwall Project and widely ported to platforms maintained by developers and organizations including Solar Designer, SolarWinds, Rapid7, and Metasploit contributors. It implements techniques used and discussed by researchers and practitioners such as Ron Rivest, Adi Shamir, Bruce Schneier, and Ross Anderson, while operating in ecosystems where tools like Hashcat, Cain and Abel, Aircrack-ng, and Metasploit are also used. The software supports hashes and credential stores produced by projects and systems such as OpenSSL, OpenLDAP, Microsoft Windows NT, Active Directory, Cisco IOS, MySQL, Oracle, PostgreSQL, and many UNIX variants including Debian, Red Hat, and FreeBSD.

History and Development

The project began in the mid-1990s under the stewardship of Solar Designer and the Openwall Project, influenced by earlier cryptanalytic work such as the DES challenges coordinated by the Electronic Frontier Foundation and research from institutions like MIT, Bell Labs, and Stanford. Development milestones track contributions from the Free Software community, code submissions by volunteers affiliated with universities including Carnegie Mellon University and the University of California, Berkeley, and integrations with toolchains used by commercial firms like IBM, Hewlett-Packard, and Microsoft Research. Over time, the codebase incorporated optimizations inspired by processor vendors and architectures—Intel, AMD, ARM, and IBM POWER—while drawing upon algorithmic advances reported at conferences including USENIX, Black Hat, DEF CON, and RSA Conference.

Features and Architecture

The architecture combines core cracking engines, modular format plugins, and external rulesets. Core components parallel concepts used in cryptanalysis literature by Claude Shannon and Alan Turing, and leverage libraries and standards maintained by groups such as the IETF and ISO. Supported formats derive from specifications by organizations including NIST, the IETF, and vendors such as Oracle Corporation, Microsoft Corporation, Cisco Systems, and Mozilla. Optimizations include SIMD and vectorized routines similar to those used by CPU vendors Intel and AMD, and GPU-accelerated approaches comparable to techniques in projects from NVIDIA and AMD. Extensibility is provided through plugin interfaces and community-contributed modules hosted on repositories like GitHub and GitLab, and coordinated with package maintainers for distributions including Ubuntu, Fedora, Arch Linux, and Gentoo.

Supported Platforms and Versions

Official and community-maintained builds run on Unix-like systems (Linux distributions such as Debian and Red Hat Enterprise Linux, BSD variants including OpenBSD and NetBSD, and macOS), Windows (via native builds and Cygwin/MSYS ports), and legacy systems such as OpenVMS. The project’s evolution shows compatibility considerations with toolchains produced by GNU, LLVM/Clang, and Microsoft Visual Studio, and integration with continuous integration systems from GitHub Actions, GitLab CI, and Jenkins. Multiple branches and editions—core, jumbo, and patches maintained by third-party vendors and security firms—reflect correlations with releases and tooling standards from Red Hat, Canonical, SUSE, and community distributions.

Usage and Techniques

Operators employ the tool using attack modes and strategies parallel to those described in academic and practitioner literature by authors such as Dorothy Denning, Ross Anderson, and Bruce Schneier. Common techniques include dictionary attacks incorporating wordlists like rockyou and cracking strategies akin to those used in papers from Carnegie Mellon and MIT, brute-force incremental modes, hybrid attacks combining masks and rules, and targeted mask attacks inspired by pattern-analysis research from universities and labs. Integrations with orchestration and exploitation frameworks—Metasploit Framework, Burp Suite, and Wireshark—support workflows in assessments performed by consultants at firms such as KPMG, PwC, Deloitte, and EY. Collaborations with hardware vendors such as NVIDIA and AMD enable GPU-accelerated workflows similar to efforts by researchers at Lawrence Berkeley National Laboratory and national labs.

Use of password cracking tools raises legal and ethical issues addressed in statutes and guidelines from jurisdictions and institutions such as the United States Computer Fraud and Abuse Act, the European Union’s GDPR, national cybersecurity agencies including NIST and ENISA, and professional codes enforced by bodies like (ISC)² and ISACA. Responsible use is guided by policies from employers, rules in penetration testing contracts used by consultancies such as Mandiant and CrowdStrike, and disclosure norms advocated in forums like CERT, FIRST, and Open Web Application Security Project. Unauthorized deployment can implicate criminal statutes and civil liability in courts across jurisdictions including the United States, United Kingdom, and European Union; conversely, authorized use supports incident response, audits, and compliance programs at enterprises governed by standards such as ISO/IEC 27001 and PCI DSS.

Category:Password cracking software