Wie können eigene Passwörter mit „John the Ripper“ entschlüsselt werden?

Wenn man sein eigenes Passwort vergessen hat, wie kann man es entschlüsseln? Evl. mit John the ripper. Bitte auch die rechtlichen Hinweise beachten, und nur auf eigene Passwörter und Systemen ausführen, da in Deutschland bestimmte Handlungen, nach § 202c StGB (Hackerparagraf) unter Strafe stehen. Es folgt nun, eine kurze zusammengefasste Übersetzung der orginal Installationsanleitung:

1. Von der John the ripper Homepage eine fertige binär Distribution landen oder wie hier beschrieben eine eigene Version aus den Quellcode compilieren.

2. Entweder die „official free versions“ oder die „community-enhanced“ mit mehreren Möglichkeiten laden und Signatur vergleichen.

3. Archive entpacken.

4. In das „src“ Verzeichnis wechseln und wie in beschieben compilieren, d.h.

5. „make“ ausführen. Es erscheint eine Liste der möglichen Betriebssysteme z.B.
...
linux-x86-64[i] Linux, x86-64 with SSE2 (most common)
...
macosx-x86-64 Mac OS X 10.5+, Xcode 3.0+, x86-64 with SSE2 (best)
macosx-x86-64-gpu Mac OS X 10.5+, Xcode 3.0+, x86-64 with SSE2, CUDA and OpenCL support
...
win32-cygwin-x86-sse2[i] Win32, Cygwin, x86 with SSE2 (best)
...

6. Mit einem Wert aus obiger Liste z.B. „make macosx-x86-64“ compilieren und Programm bauen.

7. Programm aufrufen und testen mit dem Aufruf: ./run/john --test
Es werden dann alle möglichen Verschlüsselungs-Modi getestet und ausgegeben, hier das ganze Ergebniss:

Benchmarking: Traditional DES [128/128 BS SSE2-16]... DONE
Many salts: 5161K c/s real, 5161K c/s virtual
Only one salt: 4924K c/s real, 4924K c/s virtual

Benchmarking: BSDI DES (x725) [128/128 BS SSE2-16]... DONE
Many salts: 168960 c/s real, 168960 c/s virtual
Only one salt: 162688 c/s real, 162688 c/s virtual

Benchmarking: FreeBSD MD5 [128/128 SSE2 intrinsics 12x]... DONE
Raw: 25992 c/s real, 26254 c/s virtual

Benchmarking: OpenBSD Blowfish (x32) [32/64 X2]... DONE
Raw: 542 c/s real, 536 c/s virtual

Benchmarking: Kerberos AFS DES [48/64 4K]... DONE
Short: 480000 c/s real, 480000 c/s virtual
Long: 1439K c/s real, 1439K c/s virtual

Benchmarking: LM DES [128/128 BS SSE2-16]... DONE
Raw: 62128K c/s real, 62128K c/s virtual

Benchmarking: dynamic_0: md5($p) (raw-md5) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 20498K c/s real, 20498K c/s virtual

Benchmarking: dynamic_1: md5($p.$s) (joomla) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 16922K c/s real, 16922K c/s virtual
Only one salt: 12764K c/s real, 12764K c/s virtual

Benchmarking: dynamic_2: md5(md5($p)) (e107) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 10789K c/s real, 10789K c/s virtual

Benchmarking: dynamic_3: md5(md5(md5($p))) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 7307K c/s real, 7307K c/s virtual

Benchmarking: dynamic_4: md5($s.$p) (OSC) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 18014K c/s real, 18194K c/s virtual
Only one salt: 13050K c/s real, 13050K c/s virtual

Benchmarking: dynamic_5: md5($s.$p.$s) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 15536K c/s real, 15382K c/s virtual
Only one salt: 11386K c/s real, 11386K c/s virtual

Benchmarking: dynamic_6: md5(md5($p).$s) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 22506K c/s real, 22506K c/s virtual
Only one salt: 8062K c/s real, 8062K c/s virtual

Benchmarking: dynamic_8: md5(md5($s).$p) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 17329K c/s real, 17329K c/s virtual
Only one salt: 12716K c/s real, 12716K c/s virtual

Benchmarking: dynamic_9: md5($s.md5($p)) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 17309K c/s real, 17309K c/s virtual
Only one salt: 7235K c/s real, 7235K c/s virtual

Benchmarking: dynamic_10: md5($s.md5($s.$p)) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 8835K c/s real, 8835K c/s virtual
Only one salt: 7514K c/s real, 7514K c/s virtual

Benchmarking: dynamic_11: md5($s.md5($p.$s)) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 8944K c/s real, 8944K c/s virtual
Only one salt: 7608K c/s real, 7608K c/s virtual

Benchmarking: dynamic_12: md5(md5($s).md5($p)) (IPB) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 3552K c/s real, 3552K c/s virtual
Only one salt: 2518K c/s real, 2518K c/s virtual

Benchmarking: dynamic_13: md5(md5($p).md5($s)) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 3506K c/s real, 3541K c/s virtual
Only one salt: 2525K c/s real, 2525K c/s virtual

Benchmarking: dynamic_14: md5($s.md5($p).$s) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 14757K c/s real, 14757K c/s virtual
Only one salt: 7334K c/s real, 7334K c/s virtual

Benchmarking: dynamic_15: md5($u.md5($p).$s) [32/64 64x2 (MD5_Body)]... DONE
Many salts: 6112K c/s real, 6112K c/s virtual
Only one salt: 2598K c/s real, 2598K c/s virtual

Benchmarking: dynamic_16: md5(md5(md5($p).$s).$s2) [32/64 64x2 (MD5_Body)]... DONE
Many salts: 2943K c/s real, 2943K c/s virtual
Only one salt: 1810K c/s real, 1810K c/s virtual

Benchmarking: dynamic_17: phpass ($P$ or $H$) [128/128 SSE2 intrinsics 4x4x3]... DONE
Raw: 14112 c/s real, 14112 c/s virtual

Benchmarking: dynamic_18: md5($s.Y.$p.0xF7.$s)(Post.Office MD5) [32/64 64x2 (MD5_Body)]... DONE
Many salts: 3593K c/s real, 3593K c/s virtual
Only one salt: 3395K c/s real, 3395K c/s virtual

Benchmarking: dynamic_19: Cisco PIX (MD5) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 14886K c/s real, 14886K c/s virtual

Benchmarking: dynamic_20: Cisco PIX (MD5 salted) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 17467K c/s real, 17467K c/s virtual
Only one salt: 13031K c/s real, 13031K c/s virtual

Benchmarking: dynamic_21: HTTP Digest Access Auth [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 1903K c/s real, 1903K c/s virtual
Only one salt: 1831K c/s real, 1831K c/s virtual

Benchmarking: dynamic_22: md5(sha1($p)) [128/128 SSE2 intrinsics 10x4x2]... DONE
Raw: 6034K c/s real, 6034K c/s virtual

Benchmarking: dynamic_23: sha1(md5($p)) [128/128 SSE2 intrinsics 10x4x2]... DONE
Raw: 4611K c/s real, 4611K c/s virtual

Benchmarking: dynamic_24: sha1($p.$s) [128/128 SSE2 intrinsics 10x4x2]... DONE
Many salts: 9316K c/s real, 9316K c/s virtual
Only one salt: 8014K c/s real, 8014K c/s virtual

Benchmarking: dynamic_25: sha1($s.$p) [128/128 SSE2 intrinsics 10x4x2]... DONE
Many salts: 9287K c/s real, 9287K c/s virtual
Only one salt: 7884K c/s real, 7884K c/s virtual

Benchmarking: dynamic_26: sha1($p) raw-sha1 [128/128 SSE2 intrinsics 4x2]... DONE
Raw: 11715K c/s real, 11715K c/s virtual

Benchmarking: dynamic_27: FreeBSD MD5 [128/128 SSE2 intrinsics 4x3]... DONE
Raw: 24840 c/s real, 24840 c/s virtual

Benchmarking: dynamic_28: Apache MD5 [128/128 SSE2 intrinsics 4x3]... DONE
Raw: 24612 c/s real, 24612 c/s virtual

Benchmarking: dynamic_29: md5(unicode($p)) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 15531K c/s real, 15531K c/s virtual

Benchmarking: dynamic_30: md4($p) (raw-md4) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 27525K c/s real, 27525K c/s virtual

Benchmarking: dynamic_31: md4($s.$p) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 24711K c/s real, 24711K c/s virtual
Only one salt: 16420K c/s real, 16584K c/s virtual

Benchmarking: dynamic_32: md4($p.$s) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 23070K c/s real, 23070K c/s virtual
Only one salt: 15737K c/s real, 15737K c/s virtual

Benchmarking: dynamic_33: md4(unicode($p)) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 18442K c/s real, 18442K c/s virtual

Benchmarking: dynamic_34: md5(md4($p)) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 12212K c/s real, 12091K c/s virtual

Benchmarking: dynamic_35: sha1(uc($u).:.$p) (ManGOS) [128/128 SSE2 intrinsics 10x4x2]... DONE
Many salts: 8193K c/s real, 8193K c/s virtual
Only one salt: 6256K c/s real, 6256K c/s virtual

Benchmarking: dynamic_36: sha1($u.:.$p) (ManGOS2) [128/128 SSE2 intrinsics 10x4x2]... DONE
Many salts: 8375K c/s real, 8375K c/s virtual
Only one salt: 7346K c/s real, 7346K c/s virtual

Benchmarking: dynamic_37: sha1(lc($u).$p) (SMF) [128/128 SSE2 intrinsics 10x4x2]... DONE
Many salts: 9084K c/s real, 9084K c/s virtual
Only one salt: 7539K c/s real, 7614K c/s virtual

Benchmarking: dynamic_38: sha1($s.sha1($s.($p))) (Wolt3BB) [32/64 128x1]... DONE
Many salts: 1004K c/s real, 1014K c/s virtual
Only one salt: 1001K c/s real, 1001K c/s virtual

Benchmarking: dynamic_1001 md5(md5(md5(md5($p)))) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 5226K c/s real, 5226K c/s virtual

Benchmarking: dynamic_1002 md5(md5(md5(md5(md5($p))))) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 4221K c/s real, 4221K c/s virtual

Benchmarking: dynamic_1003 md5(md5($p).md5($p)) [32/64 64x2 (MD5_Body)]... DONE
Raw: 1904K c/s real, 1904K c/s virtual

Benchmarking: dynamic_1004 md5(md5(md5(md5(md5(md5($p)))))) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 3492K c/s real, 3492K c/s virtual

Benchmarking: dynamic_1005 md5(md5(md5(md5(md5(md5(md5($p))))))) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 3047K c/s real, 3047K c/s virtual

Benchmarking: dynamic_1006 md5(md5(md5(md5(md5(md5(md5(md5($p)))))))) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 2622K c/s real, 2622K c/s virtual

Benchmarking: dynamic_1007 md5(md5($p).$s) (vBulletin) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 22466K c/s real, 22691K c/s virtual
Only one salt: 8098K c/s real, 8098K c/s virtual

Benchmarking: dynamic_1008 md5($p.$s) (RADIUS User-Password) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 16960K c/s real, 16792K c/s virtual
Only one salt: 12792K c/s real, 12792K c/s virtual

Benchmarking: dynamic_1009 md5($s.$p) (RADIUS Responses) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 19007K c/s real, 19007K c/s virtual
Only one salt: 14265K c/s real, 14265K c/s virtual

Benchmarking: dynamic_1010 md5($p null_padded_to_len_100) RAdmin v2.x MD5 [32/64 64x2 (MD5_Body)]... DONE
Raw: 3421K c/s real, 3421K c/s virtual

Benchmarking: Eggdrop Blowfish [32/64]... DONE
Raw: 29799 c/s real, 29799 c/s virtual

Benchmarking: DIGEST-MD5 C/R [32/64]... DONE
Raw: 1571K c/s real, 1571K c/s virtual

Benchmarking: Lotus Notes/Domino 6 More Secure Internet Password [8/64]... DONE
Many salts: 118385 c/s real, 118385 c/s virtual
Only one salt: 70038 c/s real, 70038 c/s virtual

Benchmarking: EPiServer SID salted SHA-1 [32/64]... DONE
Many salts: 5038K c/s real, 5088K c/s virtual
Only one salt: 4644K c/s real, 4644K c/s virtual

Benchmarking: HTTP Digest access authentication MD5 [128/128 SSE2 intrinsics 12x]... DONE
Many salts: 4266K c/s real, 4266K c/s virtual
Only one salt: 4075K c/s real, 4075K c/s virtual

Benchmarking: Invision Power Board 2.x salted MD5 [128/128 SSE2 intrinsics 12x]... DONE
Many salts: 6220K c/s real, 6220K c/s virtual
Only one salt: 5890K c/s real, 5890K c/s virtual

Benchmarking: Kerberos v4 TGT DES [32/64]... DONE
Raw: 3663K c/s real, 3663K c/s virtual

Benchmarking: Kerberos v5 TGT 3DES [32/64]... DONE
Raw: 58225 c/s real, 58225 c/s virtual

Benchmarking: MSCHAPv2 C/R MD4 DES [32/64]... DONE
Many salts: 3924K c/s real, 3924K c/s virtual
Only one salt: 2702K c/s real, 2702K c/s virtual

Benchmarking: LM C/R DES [32/64]... DONE
Many salts: 3882K c/s real, 3882K c/s virtual
Only one salt: 1255K c/s real, 1255K c/s virtual

Benchmarking: LMv2 C/R MD4 HMAC-MD5 [32/64]... DONE
Many salts: 925211 c/s real, 934464 c/s virtual
Only one salt: 751296 c/s real, 751296 c/s virtual

Benchmarking: NTLMv1 C/R MD4 DES (ESS MD5) [32/64]... DONE
Many salts: 3889K c/s real, 3889K c/s virtual
Only one salt: 2653K c/s real, 2653K c/s virtual

Benchmarking: NTLMv2 C/R MD4 HMAC-MD5 [32/64]... DONE
Many salts: 824832 c/s real, 824832 c/s virtual
Only one salt: 689664 c/s real, 689664 c/s virtual

Benchmarking: HalfLM C/R DES [32/64]... DONE
Many salts: 3889K c/s real, 3889K c/s virtual
Only one salt: 1864K c/s real, 1864K c/s virtual

Benchmarking: Netscreen MD5 [32/64]... DONE
Raw: 5462K c/s real, 5516K c/s virtual

Benchmarking: NT MD4 [128/128 X2 SSE2-16]... DONE
Raw: 47892K c/s real, 47892K c/s virtual

Benchmarking: PHPS md5(md5($pass).$salt) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 23273K c/s real, 23273K c/s virtual
Only one salt: 8188K c/s real, 8188K c/s virtual

Benchmarking: Post.Office MD5 [32/64]... DONE
Many salts: 3518K c/s real, 3483K c/s virtual
Only one salt: 3365K c/s real, 3365K c/s virtual

Benchmarking: Mac OS X 10.4 - 10.6 salted SHA-1 [128/128 SSE2 intrinsics 8x]... DONE
Many salts: 15932K c/s real, 15932K c/s virtual
Only one salt: 13329K c/s real, 13329K c/s virtual

Benchmarking: CRC-32 [32/64]... DONE
Many salts: 68878K c/s real, 68878K c/s virtual
Only one salt: 47095K c/s real, 47095K c/s virtual

Benchmarking: GOST R 34.11-94 [64/64]... DONE
Raw: 530285 c/s real, 530285 c/s virtual

Benchmarking: Mac OS X Keychain PBKDF2-HMAC-SHA-1 3DES [32/64]... DONE
Raw: 642 c/s real, 649 c/s virtual

Benchmarking: Lotus Notes/Domino 5 [8/64]... DONE
Raw: 423936 c/s real, 423936 c/s virtual

Benchmarking: Generic salted MD4 [32/64]... DONE
Many salts: 8468K c/s real, 8468K c/s virtual
Only one salt: 7933K c/s real, 7933K c/s virtual

Benchmarking: MediaWiki md5($s.'-'.md5($p)) [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 12581K c/s real, 12581K c/s virtual
Only one salt: 7734K c/s real, 7734K c/s virtual

Benchmarking: M$ Cache Hash MD4 [32/64]... DONE
Many salts: 17640K c/s real, 17640K c/s virtual
Only one salt: 7135K c/s real, 7135K c/s virtual

Benchmarking: M$ Cache Hash 2 (DCC2) PBKDF2-HMAC-SHA-1 [128/128 SSE2 intrinsics 8x]... DONE
Raw: 784 c/s real, 784 c/s virtual

Benchmarking: MS Kerberos 5 AS-REQ Pre-Auth MD4 MD5 RC4 [32/64]... DONE
Many salts: 993952 c/s real, 993952 c/s virtual
Only one salt: 534944 c/s real, 534944 c/s virtual

Benchmarking: MS SQL SHA-1 [128/128 SSE2 intrinsics 8x]... DONE
Many salts: 14032K c/s real, 14032K c/s virtual
Only one salt: 9623K c/s real, 9623K c/s virtual

Benchmarking: MS SQL 2005 SHA-1 [128/128 SSE2 intrinsics 8x]... DONE
Many salts: 14105K c/s real, 14105K c/s virtual
Only one salt: 12820K c/s real, 12820K c/s virtual

Benchmarking: MySQL 4.1 double-SHA-1 [128/128 SSE2 intrinsics 8x]... DONE
Raw: 6917K c/s real, 6917K c/s virtual

Benchmarking: MySQL [32/64]... DONE
Raw: 30381K c/s real, 30080K c/s virtual

Benchmarking: Netscape LDAP SHA-1 [128/128 SSE2 intrinsics 8x]... DONE
Raw: 13136K c/s real, 13267K c/s virtual

Benchmarking: NT MD4 [128/128 SSE2 intrinsics 12x]... DONE
Raw: 31933K c/s real, 31933K c/s virtual

Benchmarking: ODF SHA-1 Blowfish [32/64]... DONE
Raw: 1203 c/s real, 1203 c/s virtual

Benchmarking: Office 2007/2010 SHA-1/AES [32/64]... DONE
Raw: 44.1 c/s real, 44.1 c/s virtual

Benchmarking: Oracle 11g SHA-1 [128/128 SSE2 intrinsics 8x]... DONE
Many salts: 14448K c/s real, 14448K c/s virtual
Only one salt: 11924K c/s real, 11924K c/s virtual

Benchmarking: Oracle 10 DES [32/64]... DONE
Raw: 981027 c/s real, 981027 c/s virtual

Benchmarking: osCommerce md5($salt.$pass) [128/128 SSE2 intrinsics 10x4x3]... DONE
Raw: 18325K c/s real, 18325K c/s virtual

Benchmarking: phpass MD5 ($P$9) [128/128 SSE2 intrinsics 4x4x3]... DONE
Raw: 14064 c/s real, 14064 c/s virtual

Benchmarking: PIX MD5 [128/128 SSE2 intrinsics 10x4x3]... DONE
Many salts: 15144K c/s real, 15144K c/s virtual
Only one salt: 15316K c/s real, 15316K c/s virtual

Benchmarking: PKZIP [32/64]... DONE
Many salts: 10326K c/s real, 10326K c/s virtual
Only one salt: 6887K c/s real, 6887K c/s virtual

Benchmarking: RACF DES [32/64]... DONE
Many salts: 3676K c/s real, 3676K c/s virtual
Only one salt: 3502K c/s real, 3502K c/s virtual

Benchmarking: Raw MD4 [128/128 SSE2 intrinsics 12x]... DONE
Raw: 30019K c/s real, 30019K c/s virtual

Benchmarking: Raw MD5 [128/128 SSE2 intrinsics 12x]... DONE
Raw: 22262K c/s real, 22262K c/s virtual

Benchmarking: Raw SHA-1 [128/128 SSE2 intrinsics 8x]... DONE
Raw: 13220K c/s real, 13220K c/s virtual

Benchmarking: Raw SHA-1 LinkedIn [128/128 SSE2 intrinsics 8x]... DONE
Raw: 13321K c/s real, 13321K c/s virtual

Benchmarking: md5(unicode($p)) [128/128 SSE2 intrinsics 12x]... DONE
Raw: 23016K c/s real, 23016K c/s virtual

Benchmarking: Salted SHA-1 [128/128 SSE2 intrinsics 8x]... DONE
Many salts: 13794K c/s real, 13794K c/s virtual
Only one salt: 11600K c/s real, 11716K c/s virtual

Benchmarking: SAP CODVN B (BCODE) [128/128 SSE2 intrinsics 12x]... DONE
Many salts: 7872K c/s real, 7872K c/s virtual
Only one salt: 7230K c/s real, 7230K c/s virtual

Benchmarking: SAP CODVN F/G (PASSCODE) [128/128 SSE2 intrinsics 8x]... DONE
Many salts: 3539K c/s real, 3539K c/s virtual
Only one salt: 3367K c/s real, 3367K c/s virtual

Benchmarking: Generic salted SHA-1 [32/64]... DONE
Many salts: 5038K c/s real, 5038K c/s virtual
Only one salt: 4826K c/s real, 4826K c/s virtual

Benchmarking: SIP MD5 [32/64]... Segmentation fault: 11

8. Quick test um eine Datei mit einem Passwort zu entschlüsseln.
Dazu eine Datei (z.B. testpsw) mit folgenden Inhalt anlegen: john:OozDCtCCAa/lM
Also der Benutzername getrennt durch ein Doppelpunkt mit dem Hash des Passwortes das entschlüsselt werden soll. Für mehrere Passwörter einfach eine neue Zeile verwenden.

9. Programm mit dieser Datei starten: ./run/john testpsw oder mit ./run/john -i testpsw
Das Ergebniss kann dann auch später mit .run/john testpsw --show angezeigt werden.

Schreibe einen Kommentar