John the Ripper password cracker
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix systems, supported out of the box are Windows LM hashes, plus lots of other hashes and ciphers in the community-enhanced version.
John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance.
Proceed to John the Ripper Pro homepage for your OS:
Download the latest John the Ripper core release (release notes):
Download the latest community-enhanced version (release notes, patch to build 1.8.0-jumbo-1 on non-x86):
To verify authenticity and integrity of your John the Ripper downloads, please use our PGP public key. Please refer to these pages on how to extract John the Ripper source code from the tar.gz and tar.xz archives and how to build (compile) it. You may also consider the unofficial builds on the contributed resources list further down this page.
These and older versions of John the Ripper, patches, unofficial builds, and many other related files are also available from the Openwall file archive.
You may browse the documentation for John the Ripper online, including a summary of changes between versions. Also relevant is our presentation on the history of password security.
There's a wiki section with John the Ripper user community resources. The more experienced users and software developers may browse the source code for John the Ripper online, along with revision history information for each source file.
There's a collection of wordlists for use with John the Ripper. It includes lists of common passwords, wordlists for 20+ human languages, and files with the common passwords and unique words for all the languages combined, also with mangling rules applied and any duplicates purged.
Additionally, you may download an ISO image of Openwall GNU/*/Linux, which includes a pre-built copy of John the Ripper 1.8.0 ready for use without requiring another OS and without having to install on a hard disk (although that is supported).
An implementation of one of the modern password hashes found in John is also available separately for use in your software or on your servers.
There's a proactive password strength checking module for PAM-aware password changing programs, which can be used to prevent your users from choosing passwords that would be easily cracked with programs like John.
We may help you integrate modern password hashing with crypt_blowfish and/or proactive password strength checking with passwdqc into your OS installs, please check out our services.
There's a mailing list where you can share your experience with John the Ripper and ask questions. Please be sure to specify an informative message subject whenever you post to the list (that is, something better than "question" or "problem"). To subscribe, enter your e-mail address below or send an empty message to <john-users-subscribe at lists.openwall.com>. You will be required to confirm your subscription by "replying" to the automated confirmation request that will be sent to you. You will be able to unsubscribe at any time and we will not use your e-mail address for any other purpose or share it with a third party. However, if you post to the list, other subscribers and those viewing the archives may see your address(es) as specified on your message. The list archive is available locally and via MARC. Additionally, there's a list of selected most useful and currently relevant postings on the community wiki.
A separate mailing list exists for John the Ripper development discussions (that is, if you want to discuss and contribute to the source code). Its archive is available locally. To subscribe, enter your e-mail address below or send an empty message to <john-dev-subscribe at lists.openwall.com>.
Contributed resources for John the Ripper:
Local copies of these and many other related packages are also available from the Openwall file archive.
John the Ripper is part of Owl, Debian GNU/Linux, Fedora Linux, Gentoo Linux, Mandriva Linux, SUSE Linux, and a number of other Linux distributions. It is in the ports/packages collections of FreeBSD, NetBSD, and OpenBSD.
John the Ripper is a registered project with Open Hub and it is listed at SecTools.