Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20200526163801.GA16841@openwall.com>
Date: Tue, 26 May 2020 18:38:01 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: hashcat vs. JtR

On Tue, May 26, 2020 at 05:36:24PM +0200, Solar Designer wrote:
> [...] hashcat has "Combination" mode, which combines words
> from multiple wordlists to form candidate passphrases.  JtR's closest
> built-in equivalent is PRINCE mode, kindly contributed by atom of
> hashcat.

Correction: I shouldn't have said "equivalent".  It is not.  It is
merely the most similar, but it's also very different: "Combination"
works on multiple wordlists, PRINCE works on one wordlist.

My point here is precisely that neither tool covers the full range of
attacks that the other tool is capable of.

Another thing that's different is source code style and quality, as well
as consistency of the feature set and consistency and quality of
documentation.  hashcat is a younger project (~10 years old vs. JtR's
~25 years old or ~23 years of evolution since last rewrite).  hashcat
has been more closely maintained by its original author during its
entire lifetime so far, which results in greater consistency and code
quality.  While JtR core was also closely maintained, JtR jumbo was for
a long time promiscuous in accepting contributions as long as they
worked at all and added reasonable functionality.  As a result, JtR
jumbo's coding style and quality varies and is in many places much worse
than desired.  Recent extensive testing (Continuous Integration,
testing and fuzzing on multiple platforms) mitigated this for the users
(killing many actual bugs), but the code is in many places not pleasant
to maintain and is in need of an overdue rewrite.

Is hashcat's documentation also more consistent than JtR's?  I don't
really know, so won't make such claim.  hashcat appears to include less
documentation with itself, having most(?) of it on the wiki instead,
which I think is a recipe for inconsistency.  Someone more familiar with
this should comment.

> I also started writing a list of what's the same or similar between the
> tools.  It quickly got way too long to include in this same message, so
> I abandoned it for now.  I might try and "complete" and post it later.

Well, not "complete", but posting anyway:

What's currently mostly common about John the Ripper and hashcat:

Both are cross-platform Open Source offline password crackers primarily
aimed at professional users.  Both are feature-rich and aim for high
performance and high efficiency.  Both are primarily command-line tools,
with GUI or web front-ends available as separate wrapper programs.  Both
support OpenCL devices, most notably GPUs.  Both can use multiple GPUs.

"Offline" means that they probe passwords against data that is available
on the computer locally (in files), and that they will not actively
probe passwords against remote systems (unlike e.g. THC Hydra, which is
an online password cracker).  They may, however, probe passwords against
data previously obtained from remote systems (e.g., password hash files
copied using the administrator's privileged access to those systems, or
Kerberos TGTs requested from remote Kerberos servers, or encrypted
cryptocurrency wallets/backups requested from an online wallet service).
They may also probe passwords against relevant data extracted out of
previously recorded (sniffed) network traffic for authentication
sessions that use challenge-response protocols allowing for subsequent
offline attacks (e.g., Windows NTLM protocols, (MS-)CHAP, WiFi WPA-PSK).

Either tool supports a few hundred different password (non-)hash types
(JtR calls these "formats", hashcat calls them "modes").  These include
classic password hashes (of user accounts on operating systems, web
applications, business collaboration platforms, database management
systems, etc.), as well as many kinds of password-encrypted data
("documents", archives, filesystems and full disks, cryptocurrency
wallets, GnuPG and SSH private keys, etc.), password-derived tokens, and
relevant network traffic captures.

Either tool is able to generate candidate passwords to probe in a wide
variety of ways (JtR calls these "cracking modes", hashcat calls them
"attack modes").  Some may also be combined.  These include simply
reading candidate passwords from a wordlist (a text file with one entry
per line), applying word mangling rules, potentially exhaustively
searching a certain easily defined password space (e.g., all-lowercase
up to a certain length) yet doing so in an optimized order (using Markov
chains over groups of characters seen in a training set, such as in
previously cracked passwords), exhaustively searching passwords that
match a "mask" (such as for partially-forgotten passwords), etc.

A primary purpose of both tools is to audit potentially large user
account databases, identifying weak passwords.  Both tools are able to
efficiently probe passwords against millions of password hashes at once,
but only for hashes that are of (almost) the same type.  (For multiple
types you need to invoke the program once per type, maybe concurrently.)

For both tools, the native input format is text files with one password
hash per line (and optionally other colon-separated fields).  Input data
other than password hashes in text files should be preprocessed with
tools specialized to the input data format.  Such tools that are part of
JtR jumbo generally follow the *2john naming.  There are also *2hashcat
tools out there.  There are also tools not associated with and not
targeting JtR and hashcat projects, yet producing output usable by JtR
and/or hashcat, such as the PWDUMP family of Windows password hash
dumping tools.

There's some cooperation between the projects, including in sharing and
interoperability of the preprocessing tools.  For example, JtR's
bitcoin2john.py is also the tool that a hashcat user would use to
preprocess a cryptocurrency wallet.dat file.  Conversely, hashcat's
7z2hashcat.pl is the upstream project for JtR's 7z2john.pl.  Cooperation
also includes agreement on and cross-support for wordlist rule commands,
hashcat's PRINCE (candidate passphrase generation) having been added to
JtR, and some assorted GitHub pull requests by developers working
primarily on one of these projects made and accepted into the other.

Over the period since the start of hashcat git history in December 2015
and until this writing in May 2020, the numbers of direct contributors
(git committers) into either project are similar (around 80).  The
number of commits and the ratio of commits made by a few top committers
are comparable between the projects, although over the same period
hashcat had almost twice more commits (6792 vs. 3463) and its share of
commits by the top committer is higher (76% by atom vs. 46% by magnum).
On the other hand, JtR's total commit count since the start of its
revision control history in April 2002 is higher yet (15597, but this
may be inexact due to CVS to git import peculiarities).  Both projects
made releases for a few years prior to the start of their fine-grained
revision control (JtR since 1996, hashcat since 2010).  Both were at
some point mostly rewritten (JtR once in 1998, hashcat several times
since 2010?), then proceeded to evolve.  Both have made their currently
latest releases 1-1.5 years ago (JtR in May 2019, hashcat in Dec 2018).

As usual, I'd appreciate any comments and especially corrections.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.