Message-ID: <20240929144050.GA21320@openwall.com>
Date: Sun, 29 Sep 2024 16:40:50 +0200
From: Solar Designer <solar@...nwall.com>
To: Dan Campbell <dcwhatthe@...il.com>
Cc: john-users@...ts.openwall.com
Subject: Re: How do we purchase the Windows Pro version of the cracker?

Hi Dan,

Is there any specific reason why you want to purchase a product rather
than use a free John the Ripper jumbo build for Windows?  For example,
specific functionality or ease of use you're looking for, or desire to
support our project?

We do not have a Pro for Windows.  We do link to Hash Suite, but it's a
related project rather than a version of John the Ripper, so its
functionality is quite different - it offers a GUI (while John the
Ripper is command-line only) and better performance, but it supports
only a small subset of the targets (hash and file types) that John the
Ripper supports (currently just 14 vs. hundreds).

On Sun, Sep 29, 2024 at 12:42:42AM -0400, Dan Campbell wrote:
> There's a reference to some hash suite, but that link leads to a site that
> Malwarebytes blocks as riskware.

Thank you for letting us know.  That's really unfortunate.  Can you
please report this to Malwarebytes as a false positive and detrimental?

The reality is that so-called anti-viruses tend to detect password
cracking software as potentially undesirable, often blocking downloads
or even websites.  Checking e.g. VirusTotal, there's almost always some
non-zero detection rate for Hash Suite and for Windows builds of John
the Ripper, and it grows the longer the release has been out.  So yes,
ideally we'd be making releases far more often than we do.  Meanwhile,
it's up to you to choose between overly-aggressive anti-viruses and
password crackers.

VirusTotal shows me a 27/68 detection rate for Hash_Suite_Free_3_7.zip
(where Malwarebytes detects Generic.Malware/Suspicious, while e.g.
Kaspersky gives Not-a-virus:RiskTool.Win32.DumpReg.a), but somehow only
1/67 for john-1.9.0-jumbo-1-win64.zip (SentinelOne (Static ML) gives
Static AI - Malicious PE).  IIRC, it was actually much worse for John
the Ripper before, so maybe those tools are improving.  As to Hash
Suite, I think the higher detection rate is due to Hash Suite having
more Windows-native functionality, such as extraction of hashes from
Windows systems themselves.  With John the Ripper, you'd use external
PWDUMP tools for that (and there's a higher detection rate for those).

> Is there a Paypal address or some purchase link, so I can get the official
> windows pro version?

No, primarily because there isn't a Windows Pro version.

Alexander
