John the Ripper Pro
2 - 4 min read
May 30, 2006
This is to announce three things at once:
- I have started making and maintaining commercial releases of John the
Ripper password cracker, known as John the Ripper Pro.
John the Ripper is a fast password cracker (password security auditing tool if you prefer), currently available for many flavors of Unix, Windows, and other platforms. Its primary purpose is to detect weak Unix passwords, although Windows NT/2000/XP/2003 LM hashes and a number of other password hash types are supported as well. John the Ripper is free software, distributed primarily in source code form.
John the Ripper Pro builds upon the free John the Ripper to deliver a commercial product better tailored for specific operating systems. It is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance. The John the Ripper Pro homepage is:
John the Ripper Pro (JtR Pro) password crackerJohn the Ripper Pro is currently available for Linux on x86 processors, with support for the latest Intel and AMD processor features such as SSE2. Support for certain other operating systems and processor architectures is planned (please submit requests as specified on the web page above).
The features currently specific to Pro versions are:
- Pre-built and well-tested native package (RPM) which may be installed with a single command - no need to compile.
- Automatic detection of processor architecture extensions such as SSE2 and MMX for much faster processing, with transparent fallback on older CPUs.
- A large multilingual wordlist optimized specifically for use with John the Ripper (4,106,923 entries, 43 MB uncompressed) is included in the package, and John the Ripper is pre-configured for its use.
- The included documentation is revised to be specific for the given package and OS rather than generic, making it easier to understand.
- As a bonus, the full source code sufficient to rebuild the package is also provided (can be downloaded separately).
- Red Hat Enterprise Linux (any version) for x86 and x86-64;
- Fedora Core (any version) for x86 and x86-64;
- Red Hat Linux 7.0 and above;
- SUSE Linux 7.1 and above for x86 and x86-64;
- Mandriva Linux (any version) for x86 and x86-64;
- Openwall GNU/*/Linux 1.1 and above;
- Slackware 8.1 and above;
- any other distribution with RPM 3+, glibc 2.1+, Linux kernel 2.4.0+ that is capable of running executables for x86 (i386).
- A new version of the tiny POP3 server, popa3d 1.0.2, has been
released adding a couple of minor optimizations specific to x86-64 to
the included MD5 routines. The homepage for popa3d is:
- A new version of the password hashing package (for use in C/C++
applications and libraries), crypt_blowfish 1.0.2, has been released
adding a minor optimization specific to x86-64. The homepage for
crypt_blowfish is:
bcrypt password hashing ("password encryption") for your software and your servers
The following Linux distributions are supported:
I know that some current users of John the Ripper may be concerned that the introduction of a commercial version might have a negative impact on the development of the free John the Ripper. Let me assure you that there will be no such negative impact. On the contrary, if John the Ripper Pro is successful commercially, that will only help the free John the Ripper to evolve faster - while remaining free.
If you're a current user of John the Ripper and you can influence your company or organization to purchase John the Ripper Pro, you're welcome to support the development of John the Ripper in this way - to benefit the users of the free version as well.
Related Articles
1 - 0 min read
Linux Kernel 6.7 Released with Various Security Improvements
