John the Ripper in the cloud
John the Ripper is an Open Source password security auditing and password recovery tool available for many operating systems. John the Ripper jumbo supports hundreds of hash and cipher types, including for: user passwords of Unix flavors (Linux, *BSD, Solaris, AIX, QNX, etc.), macOS, Windows, "web apps" (e.g., WordPress), groupware (e.g., Notes/Domino), and database servers (SQL, LDAP, etc.); network traffic captures (Windows network authentication, WiFi WPA-PSK, etc.); encrypted private keys (SSH, GnuPG, cryptocurrency wallets, etc.), filesystems and disks (macOS .dmg files and "sparse bundles", Windows BitLocker, etc.), archives (ZIP, RAR, 7z), and document files (PDF, Microsoft Office's, etc.) These are just some of the examples - there are many more.
As an alternative to running John the Ripper on your own computer, you may run it in the cloud. We provide a pre-generated Amazon Machine Image (AMI) called Openwall Password Recovery and Password Security Auditing Bundle, which lets you start password recovery or a password security audit in minutes (if you've used Amazon Web Services before, or you need to sign up first).
The Bundle features Amazon Linux 2 along with John the Ripper jumbo pre-built and pre-configured with multi-GPU (via OpenCL) and multi-CPU support (with AVX-512, AVX2, and AVX acceleration, and transparent fallback when run on older CPUs lacking the latest AVX extensions). The Bundle has been tested on both GPU-enabled and CPU-only AWS instances.
Also included are the "all.lst" multi-lingual wordlist (20+ languages) from the Openwall wordlists collection, and sample Unix and Windows password hashes for testing and learning how to use the software.
Proceed to subscribe to the Bundle and launch your first virtual machine:
We provide a 5-day free trial, and you might actually complete your password recovery or audit within that timeframe. We also don't charge for usage of the Bundle on the tiny 1 vCPU instances that are eligible for AWS free tier, which provides free usage of some AWS services for the first year for new AWS users. (AWS service fees apply for usage of hardware outside of the free tier.) Paid usage of the Bundle after the 5-day free trial on larger AWS instances supports our Open Source project (and this might be one of your reasons to use the Bundle as opposed to building from source on your own).
For free community support on (semi-)advanced questions or issues (if you know half the answer), please join the public john-users mailing list and post in there. For general customer support, please e-mail us at <john-cloud-support at openwall.com>.
You may browse the documentation for John the Ripper core online. Also relevant is our presentation on the history of password security.
Demo of Apple macOS .dmg file password recovery using a GPU in the cloud: