UNIX and Linux Applications

Hi Friends

I like to know one thing the how exactly john the ripper works. I have search in google, read lots of tutorial on that.

I have simple question, can I get the password for the encrypted file for the following example.

e.g :

Abc.txt file

contents

"This is Joy"

Now I have encrypted the file using gpg and the password is 123.

I got the file Abc.txt.gpg.

Can I get the password using john the ripper while passing Abc.txt.gpg as input?

Thanks in Advance.

Joy

Short answer: No

Long answer: Let's delve into the cryptographic stuff behind UNIX passwords, GPG, and JtC.
UNIX authentication systems never save the passwords themselves in any form, not even encrypted, but instead use a hash of the password. A hash is similar to a compression function. It takes an array of bytes (say, the letters of a password) and mangles them into a fixed length array. The idea is that a small change in the original text yields a big change in the hash, and that by hashing 2 identical texts you get the same hash. If a user wants to authenticate, the password entered is hashed, and the hash is compared to the one saved.
Since hashing means you loose information, hashes will never be collision free. To prevent 2 users accidentally having the same password hash, salts were introduced. Those are random bits prepended to the password, so that even if two users has the same password, their hashes wouldn't match up.
The biggest difference between hashing and encryption functions is that hashes are very fast.

Encryption, OTOH, takes the input message (your text file) and a key (created from your password), and sends both through an encryption function like AES. Contrary to hashes, the result usually isn't shorter than the original, but it's getting transformed, and it's recoverable while hashes are not. Also, encryption schemes usually are very resilient against attacks. For example, with AES it's still impossible to recover the key in a know-plaintext attack (meaning: you have both the original text and the encrypted text, and it's still impossible to find out the key/password used as to decrypt other messages).

John the Ripper (JtR) uses the speed of hashes to its advantage. A dictionary attack is very fast, even against salted password hashes, and even faster again NTLM passwords. But it can only attack hashes, since they're pretty fixed in their parameters, while for encryption there are a lot of variables, such as key length, algorithm used, and which block mode is being used (CBC/CFB/CTR/...)

I have never used this application, but just reading the docs tells me that the answer is no. This is a password cracker that uses brute force to decrypt a password from a file, eg the passwd file in unix. It doesn't break or recover a password used to encrypt a file itself.

In such a very simple example, why not try it yourself and post back here with your test results?

I have a encrypted file by gpg application, I want to decrypt the file with out the password, using john the ripper. If you think this is very easy, then please provide the steps.

I think every one except you told that it is not possible.

Thanks
Joy

---------- Post updated at 05:22 AM ---------- Previous update was at 05:14 AM ----------

Is there any way to decrypt one file with out knowing the password, provided the its encrypted using gpg application.

Thanks for reply

Joy