Table of contents about Jhon the Ripper
Markov Mode Cracking
One of John’s improvements over time is its adoption of cracking techniques that rely on the statistical composition of cracked passwords to guide the generation of new guesses. Whereas John’s incremental mode tries all eventual permutations of a charset file, its Markov mode tries a limited set of permutations based on a “stats” file. Incremental mode is guaranteed to guess every combination at the expense of taking a very, very long time to complete. Markov mode trades completeness for speed; it tries guesses that are very close to known passwords under the assumption that humans choose passwords based on habit or identifiable patterns.
Use the –markov option to start this mode against a password file. The first run may not be very successful. But we can improve it over time. The following example uses the Markov mode’s defaults as defined in the john.conf file:
$ ./john –markov windows.txt
Updating the stats file for Markov mode requires using the calc_stat command. When running John in this mode, it’s not possible to specify alternate stats files (the file is defined in john.conf). Therefore, we’ll just rename files as necessary. The following example shows how to generate a stats file from the default password.lst file:
$ ./calc_stat password.lst general.stats
$ cp stats orig.stats
$ cp general.stats stats
We can rerun this mode based on the new stats file. In the following example, we supply additional arguments to the mode option. The first field influences how widely guesses will vary from the initial stats (higher numbers produce more guesses, and take more time; the maximum is 400). The second and third fields indicate the start and end iterations to guess; we want to go through all iterations, so we leave these both at 0. The fourth field indicates the length of guesses; we’ll aim for five in this example.
$ ./john –markov=300:0:0:5 windows.txt
Markov mode is most useful when targeting long passwords. For example, trying to brute force a 19-character password composed from a pool of 96 characters is roughly equivalent to brute-forcing a 125-bit encryption algorithm. (That is, the number of password combinations is on the order of generating every combination for a 125-bit value. AES, by comparison, uses a 128-bit key in its lowest mode. AES with a 128-bit key is currently considered safe enough to protect most kinds of information from brute-force attack. The algorithm also supports 192- and 256-bit key sizes for increased resistance to attack.)
In order to use Markov mode against long passwords, you need to provide the calc_stat command with a source of words of the same size. This is an imperfect approach because Markov guesses only “nearby” words to the seeds of its input, which may have less success as password lengths increase. However, any success should be lauded compared to the time a full brute-force attack would have taken.
On its own, this mode may not seem productive. We’ll look at how to leverage it successfully in the next section.