Distributed cracking with John the Ripper

John the Ripper has been an industry standard for password cracking for
the past decade. While a great application, it’s getting a bit dated.

For example, without some heavy modification, it can’t brute-force past 8 characters, or make use of multi-core CPUs.

Using openmpi, we can solve the latter of the issues. In fact, after enabling openmpi, one can run John the Ripper across multiple cores across multiple machines via a network.

Let’s start with the installation of the master:
Go to John the Ripper’s homepage and download the latest community enhanced versions.

Now we need to install some software. On a standard Debian build, issue:

apt-get install libopenmpi-dev openmpi-bin build-essential libssl-dev

Extract the downloaded file to an appropriate location, such as /opt/john.

From this directory, change to the src directory and uncomment the following lines in ‘Makefile’:

CC = mpicc -DHAVE_MPI
MPIOBJ = john-mpi.o

Then run make without arguments to list the available build targets and find the correct one for your system.
After finding the right one, issue for example:

make clean linux-x86-64

To run John only on the master, we need to call it via mpiexec, and specify the number of CPUs we wish to dedicate.

 mpiexec -n  8 /opt/john/run/./john --test

If you want to run it across several computers, you will have to repeat the above instructions on each machine.

You will also need either a DNS setup, or a configured /etc/hosts file for the master, listing each computer’s name and IP address.

Then add an mpi user to each machine:

 adduser mpi

and give this user access to run John.

On the master system, while logged in as mpi, generate an ssh key:

 ssh-keygen -t rsa -C "mpi"

Copy this key to each node as such:

 ssh-copy-id -i ~/.ssh/id_rsa.pub node

On the master, create a hosts file, specifying each node’s available CPUs:

hosts:
master slots=7
node1 slots=2
node2 slots=1

One can then call

john --test

with:

 mpiexec -n 10  -hostfile ~mpi/hosts /opt/john/run/./john --test

To make it a bit easier, I have created two bash scripts.

The first will call John via mpiexec.

johnmpi:

#!/bin/bash
# Quote "$@" so arguments containing spaces reach john unchanged.
mpiexec -n 10  -hostfile ~mpi/hosts /opt/john/run/./john "$@"

The second will display the status of a currently running John session:

johnmpi-status:

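#!/bin/bash
mpiexec -n 10  -hostfile ~mpi/hosts /opt/john/run/./john --status
# pgrep prints the bare PID(s); cutting ps output on spaces breaks on padded columns.
pid=$(pgrep -x mpiexec)
# Send SIGUSR1 only if an mpiexec process was found.
[ -n "$pid" ] && kill -USR1 $pid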

Works brilliantly.
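
The -n 10 used in the commands above is the sum of the slots values in the hosts file (7 + 2 + 1), so it has to be edited by hand whenever a node is added or removed. As an added example (not part of the original post; the function name hostfile_slots is hypothetical), this derives the count from the file and rejects entries that lack an explicit slots value:

```shell
#!/bin/sh
# Added example: sum the slots= values of an Open MPI hostfile so the
# -n argument always matches the file. hostfile_slots is a hypothetical name.

# Print the total slot count of hostfile $1.
# Returns 1 (with a message on stderr) if a host line has no usable slots= value.
hostfile_slots() {
    file=$1
    total=0
    lineno=0
    # The "|| [ -n "$host" ]" part keeps a final line that has no trailing newline.
    while read -r host rest || [ -n "$host" ]; do
        lineno=$((lineno + 1))
        # Skip blank lines and comments.
        case $host in ''|'#'*) continue ;; esac
        slots=
        # Look for a field that is exactly slots=N; other fields are ignored.
        for field in $rest; do
            case $field in
                slots=*) slots=${field#slots=} ;;
            esac
        done
        # This example requires an explicit positive integer without leading
        # zeros, so the total never depends on an implicit default.
        case $slots in
            ''|0*|*[!0-9]*)
                echo "$file:$lineno: no valid slots= value for '$host'" >&2
                return 1
                ;;
        esac
        total=$((total + slots))
    done < "$file"
    echo "$total"
}

# Constructed sample with the same contents as the hosts file shown above.
sample=$(mktemp)
printf 'master slots=7\nnode1 slots=2\nnode2 slots=1\n' > "$sample"
# Print (not run) the command line the count would be used in.
echo "mpiexec -n $(hostfile_slots "$sample") -hostfile ~mpi/hosts /opt/john/run/john --test"
rm -f "$sample"
```
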
