Doppelganger john

John the Ripper is a neat tool for security-checking your passwords. Unfortunatly it is not able to use SMP, so there’s some room for improvement. Out of boredom, I came up with a little hack for the meantime:


#!/bin/sh

if [ $UID -ne 0 ]; then
echo “Only root wants to run this”
exit 1;
fi
if [ ! -x /usr/bin/john ]; then
echo “No john installed.”
exit 1;
fi
if [ $# -ne 3 ]; then
echo “Usage: $0 CPUS WORDLIST HASHFILE”
exit 1;
fi

# Create a temporary working directory
TMP_PATH=/tmp/multijohn-$$
BIG_WORDLIST=/$TMP_PATH/biglist
mkdir -p $TMP_PATH

# Clean up after receiving either SIGHUP, SIGINT, SIGQUIT or SIGTERM
trap “rm -rf $TMP_PATH; exit 2″ 1 2 3 15

# Generate and save mangled word list
echo “Generating mangled (big) wordlist…”
john -w:$2 -ru -stdout > $BIG_WORDLIST
echo “Done, saved into $BIG_WORDLIST”

BIG_WORDLIST_LINES=`wc -l $BIG_WORDLIST | awk ‘{print $1;}’`
echo “Mangled wordlist line count: $BIG_WORDLIST_LINES”

echo “Split mangled worldist into $1 pieces…”
split -l $(($BIG_WORDLIST_LINES / $1)) $BIG_WORDLIST $TMP_PATH/words-
rm $BIG_WORDLIST

echo “Starting $1 johns…”
for X in $TMP_PATH/words-*
do
john -session:$X-john -w:$X $3 &
done

wait
echo “All done, exiting…”
rm -rf $TMP_PATH

Save that as multijohn.sh, set the execute flag and have fun. Note that here’s room for improvement too ;-)

multijohn

Update: removed the redundant -ru parameter..