John The Ripper | Managing Sessions
In previous posts we discussed about how to compile and crack passwords using John the ripper. Here we will discus how to mange password cracking sessions. In this section we will learn how we can pause John The Ripper while cracking and resume from where we left it while pausing.
And no matter you are using Linux, UNIX or windows you can pause it and can also resume it.
And no matter you are using Linux, UNIX or windows you can pause it and can also resume it.
To start a password cracking session that can be resumed use password cracking command in following way.
[root@localhost run~]#./john --session -w=password.lst -ru password.txt
Now as you can see we just introduced session option in word list password cracking mode. If you are running this command on UNIX or Linux you have an extra advantage of sending process in background.
[root@localhost run~]#./john --session -w=password.lst -ru password.txt &
If you want have a look on progress type,
[root@localhost run~]#./john --status
And you will get progress report for password cracking. Now if you are running multiple instances of password cracking then there might be several sessions and above thing will not work for it, for managing several password cracking sessions you have to give each session a name, the following command creates a session with name max,
[root@localhost run~]#./john --session=max -w=password.lst -ru password.txt &
If you want to have a look on progress type
[root@localhost run~]#./john –session=max
Basically you cancel password cracking when you press ctrl + Z but once session is declared John The Ripper pauses execution than canceling it. Once paused you can even shutdown your PC and start it from where it was left. To restore session type following commands,
[root@localhost run~]#./john --restore (if any session name is not created)
[root@localhost run~]#./john --restore=max (where max is session)
You are highly recommended to create a session name no matter you what to maintain only a single password cracking session.
You might be knowing about binary search algorithm. If you know what it does then you should feel glad John The Ripper supports a similar feature which allows you to break password list according to needs while cracking password. This feature comes handy when your password list is damn big. You can use feature in following way,
[root@localhost run~]#./john -w=password.lst -ru –salts=2 password.txt
You can replace 2 by 3,4,5 and even 1000 when your password list is very big or you are quite sure your victim has very powerful password. Please note that total password cracking time will be same but many passwords will get cracked soon. If number of users in your password.txt file is less then and only then your passwords will get cracked soon else total time will be same. You must use this feature because it might happen it may break root group user's password before and then you'll hardly bother about any other password to break because you will be having admin rights.
Lastly John The Ripper is capable of running on multiple password files simultaneously,
[root@localhost run~]#./john --session -w=password.lst -ru password1.txt password2.txt password3.txt
Note that using John The Ripper in above method can cause CPU overload so you must have good computer to run command by above method. Lastly can we mix up all session management methods then the answer is yes, have a look on following commands,
./john -session=max -w=new.lst -ru salts=4 password1.txt password2.txt ….. paswordn.txt &
For UNIX and Linux
john -session=max -w=new.lst -ru salts=4 password1.txt password2.txt ….. paswordn.txt
For windows.
We mixed up all session management commands with each other and it does works fine. Now try using them and if you have got any problem, then feel free to ask. Thanks for reading, keep visiting.
