Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 11 Jun 2009 04:35:25 +0200
From: noah williamsson <>
Subject: Re: GI John


> Hello!
> Finally I can publish my distributed patch for john. Its seems to
> working, i hope it will be stable in the future, when more people will
> use it.
> You can download it from here:
> Every info what you need, is readable from the faq section, but if you
> have some problem, you can reach me, by my e-mail address.
> The patch only works with the original john and the website.

Interesting work!
I've been running something quite similar since 2004, though it never
went public until 2008.

Based on John's incremental engine (inc.c) we created a program that
allowed us to feed the cracking engine an initial state, move N
iterations forward and return the new state.
The new state could then be fed as an initial state for the next run
of the program.

This allowed us to create "work items" that could be distributed among
participating clients.
Those work items were pretty much like restore points (i.e, john
-recover) but more precise and finite.

The client software was a modified version of John the Ripper v1.6
that had hooks at various places so it could fetch "work items" (i.e,
hashes and wordlist or incremental mode state) and report back any
cracked hashes.

It used libcurl to talk to a web service that generated work items,
managed "jobs" (a list of hashes) and distributed these work items to
the clients based on the jobs' priorities. Other modifications were
SIMD optimizations to some hash functions, notably FreeBSD MD5 and
support for SMP in a way similar to what you seem to have done in GI
John (only had a very quick look though).

The web service supported both incremental mode of various charsets
aswell as wordlist cracking.

During the late summer of 2008 I did a complete rewrite of the service
backend, the web frontend and the hooks in John the Ripper (now based
on 1.7.2).
The SMP- and wordlist support was lost in the process and never
implemented again, mainly due to nice summer weather. ;)

Somewhat abandoned but very much functional, it's available at
The source code modifications to John are available at (john 1.7.2 +
jumbo patch + web service stuff)
Most modifications are in src/{webapi,inc,john}.c IIRC. The work
item-generator is available in backend/.
The Windows build sports a dialog-based frontend with a tray icon
(screenshots available at the website).

The client leaks some memory due to memory optimizations in John, but
fortunately it isn't noticable unless the client is run for a long
time, cracking tens of thousands of hashes.

Other attempts to build distributed versions of John the Ripper that
might be of interest are and
ElcomSoft also provides a (commercial) software that allows for
distributed cracking though it appears to require Windows on all

  -- noah

To unsubscribe, e-mail and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.