README.md
Distributed password cracker using myjohn
=========================================

Usage:
------

First you need to launch the server, the server arguments are:

-f --passwdfile password file.
-l --lenmax the maximum length of the tested passwords. [6]
-m --markov_level maximum strength of passwords that are going to be cracked. [150]
-p --password server password for this session.
-P --port port. [8080]
-t --time time in seconds before client timeout. [14400]
-r --rangesize markov range size. [100000000]
-s --start index of fisrt password.

Example:

./server_passwd.rb -f passwd_file.txt -l 7 -m 280 -p password

You must specify a password, this password is used to accept new client
connection.

Client side:

-h --help this help.
-i --host server host name. [localhost]
-P --port port. [8080]
-p --password password for this session.
-j --john john path. [./myjohn/run/john]
-f --format force ciphertext format.

Example:
./client_passwd.rb -i server.org -P 8080 -p password -j /home/romain/myjohn/john


Features:
---------

- The communication between client and server is secured using ssl.

- Monitor the password cracking process at this address:
https://server_addr:port/admin
To access this page you have to enter a login which is admin by default and
a password, the password you specify when you launch the server.

- Force server to reload password file by sending SIGHUP to him.

- You can specify a priority for password by adding 'priority:x ' at the
begin of the password line.

Example:

$ cat ./passwd_file.txt
priority:10 root:xxxxe1ylJxxx.:0:0:root:/:/bin/sh
priority:5 user:xxxxJngDZnxxx:0:0:User:/:/bin/sh
priority:1 nobody:xxxx7RfLkJxxx:0:0:nobody for ftp:/:/bin/sh
In this example for a complete cycle root password will be send 10 times
to the clients, user 5 and nobody 1. You should only use this option for salted
passwords.


Known Issues :
--------------

If you password file is very big, the server could be overloaded with found passwords
(the code should be updated to use a Hash instead of an Array) so you should first
do a pass with john (single, wordlist) to filter easy passwords.