securityfocus.com — Yes, yours and my favorite password cracker has been updated and released. The big news with this version is the ability to crack passwords with new algorithms and at faster speeds. Also with this version the cracker has a log so you can see the steps and progress of the current cracking session.
Feb 28, 2006 View in Crawl 4
Closed AccountFeb 28, 2006
@socketThis is very true. Rainbow tables are probably better with LM hashes (hell the developer even says so!), but John is a great tool for all sorts of different encryption methods. It's more of a Jack-of-All-Trades-Master-of-Most. ;)
kaptainkrakenFeb 28, 2006
what's more important than a GUI is for this thing to get with the program and get a 64bit version. 64bit mean speed improvements at core level as well as more efficient use of the entire processor per clock.
jakobrowningFeb 28, 2006
all he's doing is talking about the features.
martinusFeb 28, 2006
me too, 26 is definitely a good age.
shaolintigerFeb 28, 2006
I personally don't see what's wrong with combining them all.I often set JTR going on hybrid on a standalone and see what it comes up with against a shadow file or a set of NTLMv2 hashes.Rainbows are much better for the lame ass LM hashes as you can guess them a lot faster due to the way it's broken into two pieces...L0pht and SamInside can whack straight LM hashes without Rainbow Tables fast enough though.Different tools for different jobs, I do find LCP/L0pht/SamInside better for windows SAM files than JTR.BTW anyone got any nice .pot files to trade :D
goldengodFeb 28, 2006
Nerds! Nerds! Nerds!
f1r3Feb 28, 2006
Nice.. I have some passwords i made up that 1.6 is mulling over and still hasn't cracked after a week... maybe 1.7 can finally get them.... and i'll have to make new passwords.And for all of you saying "this tool is better "bla bla bla.. you should be familiar with as much stuff as you can... you never know when you might need one or the other.
f1r3Feb 28, 2006
It can decrypt encrypted hashes, usually OS/terminal related, but possibly from a database.. it will not brute-force its way into your girlfriend's e-mail account.
error00101Feb 28, 2006
"it will not brute-force its way into your girlfriend's e-mail account."ha, i just want to recover my flickr login. I signed up with an edu email that i no longer have access to, so asking for the password doesn't work. a fair suspicion, though, and I don't blame you.
Closed AccountFeb 28, 2006
Welcome back, old friend. I've missed you :'(
nb109May 28, 2007
<a class="user" href="http://www.openwall.com/john/pro/macosx/">http://www.openwall.com/john/pro/macosx/</a> - Right there, good sir and/or ma'am!