This is an old revision of the document!
Use John The Ripper to crack password hashes
prepare shadow and passwd files for john
first unshadow your passwd and shadow files
../run/unshadow ~/tmp/passwd ~/tmp/shadow > ~/tmp/unshadow
use john with openMP on multiple cores
export OMP_NUM_THREADS=8 john ~/tmp/unshadow
use john with multiple cores by forking the process
john --fork=8 ~/tmp/unshadow
query the results
john --show ~/tmp/unshadow
compile john with MPI support to run on clusters
ubuntu dependencies
sudo apt install libopenmpi-dev openmpi-bin
centos dependencies / preparation:
yum install openmpi-devel openmpi openssl-devel module load mpi/openmpi-x86_64
get source and compile:
wget https://github.com/openwall/john/archive/1.9.0-Jumbo-1.tar.gz tar xvf 1.9.0-Jumbo-1.tar.gz cd john-1.9.0-Jumbo-1/src ./configure --enable-mpi make -s clean && make -sj4
now run it :)
mpirun -np 8 -host localhost,localhost,localhost,localhost,localhost,localhost,localhost,localhost ../run/john ~/tmp/unshadow
to check the progress run
kill -USR1 $(pidof mpirun)
compile with OpenCL support to run on NVIDIA (and other) GPU's (tested on CentOS)
download and install cuda if you haven't already
wget https://developer.download.nvidia.com/compute/cuda/11.2.0/local_installers/cuda_11.2.0_460.27.04_linux.run sudo sh cuda_11.2.0_460.27.04_linux.run wget https://github.com/openwall/john/archive/1.9.0-Jumbo-1.tar.gz tar xvf 1.9.0-Jumbo-1.tar.gz cd john-1.9.0-Jumbo-1/src ./configure LDFLAGS=-L/usr/local/cuda/targets/x86_64-linux/lib CPPFLAGS=-I/usr/local/cuda/targets/x86_64-linux/include
the summary should show that OpenCL support is now enabled (yes)
make -s clean && make -sj4
now let's run it :) here is an example where I ran john the ripper on a server with 8x NVIDIA GeForce RTX 2080 Ti:
run/john --format=sha512crypt-opencl -dev=gpu -fork=8 ../root.unshadow
the –format option needs to be specified in order to use the GPU at all. without specifying a format, john will always default to the CPU implementation of the crypt algo. to figure out which format to use, start john without a format parameter and then look at the output to find the crypt that was used. now run
run/john --list=formats --format=opencl
to get a list of all crypts that support opencl. if you are lucky, the one you are looking for is in there as well :)
the -dev=gpu -fork=8 options are there to use all cards in parallel. this will fork 8 individual processes each working on their own range of passwords at a time and each on a different GPU. If you have multiple hosts with GPU you may use MPI for that.