A library for generating tripcodes on textboards and imageboards.
John the Ripper is an old school hacker tool. It has been around since the early days of Unix based systems and was always the go to tool for cracking passwords. When you needed to recover passwords from /etc/passwd or /etc/shadow in more modern.nix systems, JTR was always ready to roll.
Compatibility
- Crack the Code and Find the Secret Word. Cracking Codes & Cryptograms For Dummies has something extra — a secret word within the book for you to discover! This secret word isn't listed in the Hints or Answers, and it isn't mentioned anywhere within the book. The only way you can discover it is by solving the puzzles.
- Computer stuff that I like, other interesting stuff. SEO Optimization search queries: GNU/linux thinkpad debian libreboot coreboot free as in freedom libre W.
This crate is compatible with tripcodes of the following formats:
- 4chan's normal (non-secure) tripcode
- 2channel's tripcodes:
- 10-character tripcode (10桁トリップ)
- Nama key tripcode (生キートリップ)
- 12-character tripcode (12桁トリップ)
- 2ch.sc's tripcodes:
- 15-character tripcode (15桁トリップ)
- Katakana tripcode (カタカナトリップ)
Usage
Add tripcode to the dependencies in your project's Cargo.toml:
and this to your crate root:
Overview
Basic examples:
Handling non-UTF-8 passwords
Besides str, the generate() method can take any object that implements AsRef<[u8]>so that it can handle non-UTF-8 passwords.
Here's an example of generating a tripcode from a CP932 (superset of Shift-JIS) encoded password.This example uses encoding crate:
Avoiding reallocations
The append() method takes a &mut String and appends the resulting tripcode to it.The method does not cause additional heap allocations if the buffer has sufficient capacity tostore the tripcode.
Writing to streams
The write() method takes a mutable reference to a Write and writes the resulting tripcodeto it.
Reexports
pub use FourchanNonescaping as Mona10Nonescaping; |
Modules
Crack Tripcode
| hash | Tools for handling lightweight hash values that can be encoded to/decoded from tripcodes. |
Structs
Traits
| TripcodeGenerator | Trait for generators of tripcodes. |
| TripcodeGeneratorFailable | Trait for tripcode generators which may fail in generation. |
Humans tend to forget. This is especially true for passswords! Forgetting zip passwords renders the zip file unuseable because it is not possible to recover the content of the zip file without the right password. So once in a while i have to crach my own passwords. I use the tool John the Ripper to recover the lost passwords. John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords.
I dont know if there is a package distribution of JTR for Ubuntu / Debian, so i decided to compile it by myself. Be sure that you have installed all needed libraries. In my case libssl-dev was missing and the first compilation attempt failes.
$ wget http://www.openwall.com/john/j/john-1.8.0-jumbo-1.tar.xz
$ tar -xvf ./john-1.8.0-jumbo-1.tar.xz
$ cd john-1.8.0-jumbo-1/src
$ ./configure
$ make
Crack Trapcode Particular
The previously shown installation downlods the libssl-dev package which is needed for the compilation of JTR. Build essentials have also to be installed, but i assume that you have already installed this package. The Next step is to download the sourcecode to the local directory and to unpack it. Finaly you run configure and make to compile it. On my machine the compilation took about 3 minutes. The result of the compilation will appear in the run folder.
If you start JTR without arguments then it prints its help and some configuration information:
John the Ripper password cracker, version 1.8.0-jumbo-1_omp [linux-gnu 64-bit AVX-autoconf]
Copyright (c) 1996-2014 by Solar Designer and others
Homepage: http://www.openwall.com/john/
Usage: john [OPTIONS] [PASSWORD-FILES]
--single[=SECTION] 'single crack' mode
--wordlist[=FILE] --stdin wordlist mode, read words from FILE or stdin
--pipe like --stdin, but bulk reads, and allows rules
--loopback[=FILE] like --wordlist, but fetch words from a .pot file
--dupe-suppression suppress all dupes in wordlist (and force preload)
--encoding=NAME input encoding (eg. UTF-8, ISO-8859-1). See also
doc/ENCODING and --list=hidden-options.
--rules[=SECTION] enable word mangling rules for wordlist modes
--incremental[=MODE] 'incremental' mode [using section MODE]
--mask=MASK mask mode using MASK
--markov[=OPTIONS] 'Markov' mode (see doc/MARKOV)
--external=MODE external mode or word filter
--stdout[=LENGTH] just output candidate passwords [cut at LENGTH]
--restore[=NAME] restore an interrupted session [called NAME]
--session=NAME give a new session the NAME
--status[=NAME] print status of a session [called NAME]
--make-charset=FILE make a charset file. It will be overwritten
--show[=LEFT] show cracked passwords [if =LEFT, then uncracked]
--test[=TIME] run tests and benchmarks for TIME seconds each
--users=[-]LOGIN|UID[,.] [do not] load this (these) user(s) only
--groups=[-]GID[,.] load users [not] of this (these) group(s) only
--shells=[-]SHELL[,.] load users with[out] this (these) shell(s) only
--salts=[-]COUNT[:MAX] load salts with[out] COUNT [to MAX] hashes
--save-memory=LEVEL enable memory saving, at LEVEL 1.3
--node=MIN[-MAX]/TOTAL this node's number range out of TOTAL count
--fork=N fork N processes
--pot=NAME pot file to use
--list=WHAT list capabilities, see --list=help or doc/OPTIONS
--format=NAME force hash type NAME: 7z AFS agilekeychain aix-smd5
aix-ssha1 aix-ssha256 aix-ssha512 asa-md5 bcrypt
bfegg Bitcoin blackberry-es10 Blockchain bsdicrypt
chap Citrix_NS10 Clipperz cloudkeychain cq CRC32
crypt dahua descrypt Django django-scrypt dmd5 dmg
dominosec dragonfly3-32 dragonfly3-64 dragonfly4-32
dragonfly4-64 Drupal7 dummy dynamic_n eCryptfs EFS
eigrp EncFS EPI EPiServer fde FormSpring Fortigate
gost gpg HAVAL-128-4 HAVAL-256-3 hdaa HMAC-MD5
HMAC-SHA1 HMAC-SHA224 HMAC-SHA256 HMAC-SHA384
HMAC-SHA512 hMailServer hsrp IKE ipb2 KeePass
keychain keyring keystore known_hosts krb4 krb5
krb5-18 krb5pa-md5 krb5pa-sha1 kwallet LastPass LM
lotus5 lotus85 LUKS MD2 md4-gen md5crypt md5ns mdc2
MediaWiki MongoDB Mozilla mscash mscash2 MSCHAPv2
mschapv2-naive mssql mssql05 mssql12 mysql mysql-sha1
mysqlna net-md5 net-sha1 nethalflm netlm netlmv2
netntlm netntlm-naive netntlmv2 nk nsldap NT nt2
o5logon ODF Office oldoffice OpenBSD-SoftRAID
openssl-enc OpenVMS oracle oracle11 osc Panama
PBKDF2-HMAC-SHA1 PBKDF2-HMAC-SHA256
PBKDF2-HMAC-SHA512 PDF PFX phpass PHPS pix-md5 PKZIP
po postgres PST PuTTY pwsafe RACF RAdmin RAKP rar
RAR5 Raw-Blake2 Raw-Keccak Raw-Keccak-256 Raw-MD4
Raw-MD5 Raw-MD5u Raw-SHA Raw-SHA1 Raw-SHA1-Linkedin
Raw-SHA1-ng Raw-SHA224 Raw-SHA256 Raw-SHA256-ng
Raw-SHA384 Raw-SHA512 Raw-SHA512-ng ripemd-128
ripemd-160 rsvp Salted-SHA1 sapb sapg scrypt sha1-gen
sha1crypt sha256crypt sha512crypt Siemens-S7 SIP
skein-256 skein-512 skey Snefru-128 Snefru-256 SSH
SSH-ng SSHA512 STRIP SunMD5 sxc Sybase-PROP sybasease
tc_aes_xts tc_ripemd160 tc_sha512 tc_whirlpool
tcp-md5 Tiger tripcode VNC vtp wbb3 whirlpool
whirlpool0 whirlpool1 WoWSRP wpapsk xsha xsha512 ZIP
This crate is compatible with tripcodes of the following formats:
- 4chan's normal (non-secure) tripcode
- 2channel's tripcodes:
- 10-character tripcode (10桁トリップ)
- Nama key tripcode (生キートリップ)
- 12-character tripcode (12桁トリップ)
- 2ch.sc's tripcodes:
- 15-character tripcode (15桁トリップ)
- Katakana tripcode (カタカナトリップ)
Usage
Add tripcode to the dependencies in your project's Cargo.toml:
and this to your crate root:
Overview
Basic examples:
Handling non-UTF-8 passwords
Besides str, the generate() method can take any object that implements AsRef<[u8]>so that it can handle non-UTF-8 passwords.
Here's an example of generating a tripcode from a CP932 (superset of Shift-JIS) encoded password.This example uses encoding crate:
Avoiding reallocations
The append() method takes a &mut String and appends the resulting tripcode to it.The method does not cause additional heap allocations if the buffer has sufficient capacity tostore the tripcode.
Writing to streams
The write() method takes a mutable reference to a Write and writes the resulting tripcodeto it.
Reexports
pub use FourchanNonescaping as Mona10Nonescaping; |
Modules
Crack Tripcode
| hash | Tools for handling lightweight hash values that can be encoded to/decoded from tripcodes. |
Structs
Traits
| TripcodeGenerator | Trait for generators of tripcodes. |
| TripcodeGeneratorFailable | Trait for tripcode generators which may fail in generation. |
Humans tend to forget. This is especially true for passswords! Forgetting zip passwords renders the zip file unuseable because it is not possible to recover the content of the zip file without the right password. So once in a while i have to crach my own passwords. I use the tool John the Ripper to recover the lost passwords. John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords.
I dont know if there is a package distribution of JTR for Ubuntu / Debian, so i decided to compile it by myself. Be sure that you have installed all needed libraries. In my case libssl-dev was missing and the first compilation attempt failes.
$ wget http://www.openwall.com/john/j/john-1.8.0-jumbo-1.tar.xz
$ tar -xvf ./john-1.8.0-jumbo-1.tar.xz
$ cd john-1.8.0-jumbo-1/src
$ ./configure
$ make
Crack Trapcode Particular
The previously shown installation downlods the libssl-dev package which is needed for the compilation of JTR. Build essentials have also to be installed, but i assume that you have already installed this package. The Next step is to download the sourcecode to the local directory and to unpack it. Finaly you run configure and make to compile it. On my machine the compilation took about 3 minutes. The result of the compilation will appear in the run folder.
If you start JTR without arguments then it prints its help and some configuration information:
John the Ripper password cracker, version 1.8.0-jumbo-1_omp [linux-gnu 64-bit AVX-autoconf]
Copyright (c) 1996-2014 by Solar Designer and others
Homepage: http://www.openwall.com/john/
Usage: john [OPTIONS] [PASSWORD-FILES]
--single[=SECTION] 'single crack' mode
--wordlist[=FILE] --stdin wordlist mode, read words from FILE or stdin
--pipe like --stdin, but bulk reads, and allows rules
--loopback[=FILE] like --wordlist, but fetch words from a .pot file
--dupe-suppression suppress all dupes in wordlist (and force preload)
--encoding=NAME input encoding (eg. UTF-8, ISO-8859-1). See also
doc/ENCODING and --list=hidden-options.
--rules[=SECTION] enable word mangling rules for wordlist modes
--incremental[=MODE] 'incremental' mode [using section MODE]
--mask=MASK mask mode using MASK
--markov[=OPTIONS] 'Markov' mode (see doc/MARKOV)
--external=MODE external mode or word filter
--stdout[=LENGTH] just output candidate passwords [cut at LENGTH]
--restore[=NAME] restore an interrupted session [called NAME]
--session=NAME give a new session the NAME
--status[=NAME] print status of a session [called NAME]
--make-charset=FILE make a charset file. It will be overwritten
--show[=LEFT] show cracked passwords [if =LEFT, then uncracked]
--test[=TIME] run tests and benchmarks for TIME seconds each
--users=[-]LOGIN|UID[,.] [do not] load this (these) user(s) only
--groups=[-]GID[,.] load users [not] of this (these) group(s) only
--shells=[-]SHELL[,.] load users with[out] this (these) shell(s) only
--salts=[-]COUNT[:MAX] load salts with[out] COUNT [to MAX] hashes
--save-memory=LEVEL enable memory saving, at LEVEL 1.3
--node=MIN[-MAX]/TOTAL this node's number range out of TOTAL count
--fork=N fork N processes
--pot=NAME pot file to use
--list=WHAT list capabilities, see --list=help or doc/OPTIONS
--format=NAME force hash type NAME: 7z AFS agilekeychain aix-smd5
aix-ssha1 aix-ssha256 aix-ssha512 asa-md5 bcrypt
bfegg Bitcoin blackberry-es10 Blockchain bsdicrypt
chap Citrix_NS10 Clipperz cloudkeychain cq CRC32
crypt dahua descrypt Django django-scrypt dmd5 dmg
dominosec dragonfly3-32 dragonfly3-64 dragonfly4-32
dragonfly4-64 Drupal7 dummy dynamic_n eCryptfs EFS
eigrp EncFS EPI EPiServer fde FormSpring Fortigate
gost gpg HAVAL-128-4 HAVAL-256-3 hdaa HMAC-MD5
HMAC-SHA1 HMAC-SHA224 HMAC-SHA256 HMAC-SHA384
HMAC-SHA512 hMailServer hsrp IKE ipb2 KeePass
keychain keyring keystore known_hosts krb4 krb5
krb5-18 krb5pa-md5 krb5pa-sha1 kwallet LastPass LM
lotus5 lotus85 LUKS MD2 md4-gen md5crypt md5ns mdc2
MediaWiki MongoDB Mozilla mscash mscash2 MSCHAPv2
mschapv2-naive mssql mssql05 mssql12 mysql mysql-sha1
mysqlna net-md5 net-sha1 nethalflm netlm netlmv2
netntlm netntlm-naive netntlmv2 nk nsldap NT nt2
o5logon ODF Office oldoffice OpenBSD-SoftRAID
openssl-enc OpenVMS oracle oracle11 osc Panama
PBKDF2-HMAC-SHA1 PBKDF2-HMAC-SHA256
PBKDF2-HMAC-SHA512 PDF PFX phpass PHPS pix-md5 PKZIP
po postgres PST PuTTY pwsafe RACF RAdmin RAKP rar
RAR5 Raw-Blake2 Raw-Keccak Raw-Keccak-256 Raw-MD4
Raw-MD5 Raw-MD5u Raw-SHA Raw-SHA1 Raw-SHA1-Linkedin
Raw-SHA1-ng Raw-SHA224 Raw-SHA256 Raw-SHA256-ng
Raw-SHA384 Raw-SHA512 Raw-SHA512-ng ripemd-128
ripemd-160 rsvp Salted-SHA1 sapb sapg scrypt sha1-gen
sha1crypt sha256crypt sha512crypt Siemens-S7 SIP
skein-256 skein-512 skey Snefru-128 Snefru-256 SSH
SSH-ng SSHA512 STRIP SunMD5 sxc Sybase-PROP sybasease
tc_aes_xts tc_ripemd160 tc_sha512 tc_whirlpool
tcp-md5 Tiger tripcode VNC vtp wbb3 whirlpool
whirlpool0 whirlpool1 WoWSRP wpapsk xsha xsha512 ZIP
The next step is to crack the zip file (in my case the Bilder.zip).
$ ./john --incremental ~/Bilder.john
In the forst line JTR is extracting some data and the last line starts the brute-force attack against the zip file. This consumes a lot of CPU cycles - so it may be neccesary to adjust the niceness of the process. If you start JTR in the background then you can see the current status by adding the --status flag:
top - 21:25:22 up 22:14, 1 user, load average: 0.86, 0.33, 0.17
Tasks: 88 total, 2 running, 86 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.5 us, 0.0 sy, 99.5 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem: 4049740 total, 3912160 used, 137580 free, 225840 buffers
KiB Swap: 0 total, 0 used, 0 free. 1477764 cached Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
5160 gue 39 19 223776 31612 2564 R 99.4 0.8 1:45.36 john
5238 gue 20 0 24816 1524 1092 R 0.5 0.0 0:00.03 top
14795 snmp 20 0 114892 5988 2740 S 0.5 0.1 0:21.43 snmpd
.
.
.
$ ./john --status
0g 0:00:00:58 0g/s 1536p/s 1536c/s 1536C/s
The 0g in the status indicates that JTR has not found any matching password yet.
Brute force attacks are not the cleverest way how to crack passwords but if you have enough time then this attempt will work. JTR is a great tool that is capable of doing a lot of other stuff like dictionary attacks and so on. Have a look in the FAQ.
