use_john_the_ripper_to_crack_password_hashes

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		 Previous revision
Next revisionBoth sides next revision
use_john_the_ripper_to_crack_password_hashes [31.01.2021 01:52] – created Pascal Suteruse_john_the_ripper_to_crack_password_hashes [31.01.2021 03:18] – [compile with OpenCL support to run on NVIDIA (and other) GPU's (tested on CentOS)] Pascal Suter
Line 9: Line 9:
   ../run/unshadow ~/tmp/passwd ~/tmp/shadow > ~/tmp/unshadow   ../run/unshadow ~/tmp/passwd ~/tmp/shadow > ~/tmp/unshadow
 ===== use john with openMP on multiple cores ===== ===== use john with openMP on multiple cores =====
 +  export OMP_NUM_THREADS=8
 +  john ~/tmp/unshadow
 +
 +===== use john with multiple cores by forking the process =====
   john --fork=8 ~/tmp/unshadow   john --fork=8 ~/tmp/unshadow
  
Line 15: Line 19:
  
 ===== compile john with MPI support to run on clusters ===== ===== compile john with MPI support to run on clusters =====
 +ubuntu dependencies
   sudo apt install libopenmpi-dev openmpi-bin   sudo apt install libopenmpi-dev openmpi-bin
 +centos dependencies / preparation: 
 +  yum install openmpi-devel openmpi openssl-devel 
 +  module load mpi/openmpi-x86_64
 +
 +get source and compile: 
   wget https://github.com/openwall/john/archive/1.9.0-Jumbo-1.tar.gz   wget https://github.com/openwall/john/archive/1.9.0-Jumbo-1.tar.gz
   tar xvf 1.9.0-Jumbo-1.tar.gz    tar xvf 1.9.0-Jumbo-1.tar.gz 
Line 26: Line 35:
 to check the progress run  to check the progress run 
   kill -USR1 $(pidof mpirun)   kill -USR1 $(pidof mpirun)
 +  
 +===== compile with OpenCL support to run on NVIDIA (and other) GPU's (tested on CentOS) =====
 +download and install cuda if you haven't already
 +  wget https://developer.download.nvidia.com/compute/cuda/11.2.0/local_installers/cuda_11.2.0_460.27.04_linux.run
 +  sudo sh cuda_11.2.0_460.27.04_linux.run
 +  wget https://github.com/openwall/john/archive/1.9.0-Jumbo-1.tar.gz
 +  tar xvf 1.9.0-Jumbo-1.tar.gz 
 +  cd john-1.9.0-Jumbo-1/src
 +  ./configure LDFLAGS=-L/usr/local/cuda/targets/x86_64-linux/lib CPPFLAGS=-I/usr/local/cuda/targets/x86_64-linux/include
 +the summary should show that OpenCL support is now enabled (yes)
 +  make -s clean && make -sj4
 +now let's run it :) here is an example where I ran john the ripper on a server with 8x NVIDIA GeForce RTX 2080 Ti: 
 +  run/john --format=sha512crypt-opencl -dev=gpu -fork=8  ../root.unshadow
 +the ''--format'' option needs to be specified in order to use the GPU at all. without specifying a format, john will always default to the CPU implementation of the crypt algo. to figure out which format to use, start john without a format parameter and then look at the output to find the crypt that was used. now run 
 +  run/john --list=formats --format=opencl
 +to get a list of all crypts that support opencl. if you are lucky, the one you are looking for is in there as well :) 
 +
 +the ''-dev=gpu -fork=8'' options are there to use all cards in parallel. this will fork 8 individual processes each working on their own range of passwords at a time and each on a different GPU. If you have multiple hosts with GPU you may use MPI for that. 
 +
 +===== Performance examples =====
 +if you press any key during the run, you will get a status showing you c/s (crypts per second). here are a few numbers from the systems i had access to at the moment of writing this article: 
 +^ CPU / GPU ^ c/s rate ^ method used ^
 +| 8-core i7-8809G CPU| 7'500 | OpenMP |
 +| 128-core (2 socket) AMD ROME 7742| 150'000 | OpenMP |
 +| 8 x GeForce RTX 2080 Ti | 8x190'000 | Fork | 
 +
 +
 +
  • use_john_the_ripper_to_crack_password_hashes.txt
  • Last modified: 02.02.2021 09:50
  • by Pascal Suter