[an error occurred while processing this directive]
Password Recovery
OS passwords
Windows NT/2000/XP/2003/Vista/7
Windows NTFS (EFS)
Windows 95/98/ME
Microsoft Office
MS Word
Other Microsoft products
Internet Explorer
Outlook Express, Outlook, Internet Mail
SQL Server
Documents, Office Applications
Adobe Acrobat PDF
Corel WordPerfect Office: WordPerfect, QuattroPro, Paradox
Lotus SmartSuite: Organizer, WordPro, 1-2-3, Approach
Intuit Quicken, Quicken Lawyer, QuickBooks
Symantec ACT!
E-mail (POP3, IMAP): Microsoft Outlook Express, Outlook, Internet Mail; Eudora, The Bat!, Netscape Mail, ...
Instant Messengers: ICQ, AOL, Yahoo!, Hotmail & MSN, Skype, ...
Passwords hidden behind asterisks ("***")
PGP secret keys, disks, archives

The primary legitimate purpose of Unix password crackers is for a system's administrator to detect and eliminate weak user passwords. This requires access to the password hashes, which modern Unix systems only grant to the administrator (root).

Not all Unix passwords may be cracked in a reasonable time (and this is why it makes sense to enforce strong passwords). If you're looking for a way to recover or bypass a lost password, it's usually easiest to just change it or ask your system administrator to do so. If it's the administrator (root) password that is lost, there's almost always a way to bypass and change it with physical access (the exact details are very specific to your Unix flavor and setup).

There are several password hash types used by different Unix flavors, with different properties. Some are also re-used on non-Unix. In particular, the MD5-based hashes which originate in FreeBSD are now also used by Cisco IOS for "enable" passwords. It means that these crackers may be used on such passwords as well.

John the Ripper by Openwall Project
Unix / Win32 / DOS (DPMI) / BeOS / OpenVMS, free (GPL v2)

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, BeOS, and OpenVMS. Besides the crypt(3) password hash types most commonly found on various Unix flavors (several DES-based, MD5-based, and Blowfish-based), supported out of the box are Kerberos AFS and Windows NT/2000/XP LM hashes.

John uses efficient special-purpose cryptographic algorithms (such as bitslice DES) and implementations (including in assembly, making use of MMX on x86 and AltiVec on PowerPC processors).

Four cracking modes are implemented: "single crack" (derives candidate passwords to try from information in the password files themselves), wordlist with word mangling rules, "incremental mode" (tries all possible character combinations in an optimal order based on statistical information), and external (allows you to program an algorithm in a C-like language).

There are contributed patches, which add support for Windows NTLM (MD4-based) hashes, OpenVMS passwords (SYSUAF.DAT), S/Key skeykeys files, AFS/Kerberos v4 TGT, Kerberos v5 TGT, Netscape LDAP server (SHA, SSHA) passwords, MySQL passwords, Eggdrop IRC bot userfiles, Apache MD5-based "apr1" password hashes, raw MD5 hashes (hex-encoded), and more.

An implementation of one of the modern password hashes found in John is also available separately for use in your software or on your servers.

There's a proactive password strength checking module for PAM-aware password changing programs, which can be used to prevent your users from choosing passwords that would be easily cracked with programs like John or Crack.

Crack by Alec Muffett
Unix, free (Perl Artistic License)

Crack is the classical Unix password cracker (now mostly of historical value). The distribution includes Eric Young's fcrypt, - an implementation of the traditional DES-based Unix password hashing (quite efficient, yet typically several times slower than what John the Ripper is able to achieve).

When generating candidate passwords to try, Crack will use information from the password files and wordlists with word mangling rules.

One feature specific to Crack is its DAWG (Directed Acyclic Word Graphs) wordlist compression, which saves disk space needed to store wordlists.

[an error occurred while processing this directive]