**Unfortunately, the version of John the Ripper in the lab environment is very old and lacks support for the `mask` parameter, so this section will be for information only.** In this section, we will briefly introduce [John the Ripper](https://www.openwall.com/john/), an open-source password cracking tool (officially termed a "security auditing and password recovery tool"). The following exercises briefly illustrate its use. First, we can calculate the hash of a readily-crackable password: ``` echo -n Qwert56 | md5sum | tr -d ' -' ``` This pipeline computes the MD5 hash of the (rather poor) password "Qwert56". The `-n` flag tell `echo` not to output a newline (which would affect the hash, since it accounts for all bits in the input). The `tr` command at the end of the pipeline removes extraneous output from `md5sum` leaving just the hash as a hexadecimal string. Copy the hex string from the output before proceeding (just the string, without any newline!). Next, we can run John the Ripper on the hash to brute-force determine the original password (the command is simply `john`). Run the following command, which will await your input: ``` john --format=raw-md5 --fork=4 --mask="?u?l?l?l?l?d?d" /dev/stdin ``` Then paste in the MD5 hex string from before and type Ctrl-D to signal end of input. John will then search the specified space for passwords that produce that MD5 sum as output. The `mask` parameter allows you to specify a pattern or general description of the kinds of characters that should be tried at each position within the passwords being generated and tested. Some example pattern characters: * ?l lower-case ASCII letters * ?u upper-case ASCII letters * ?d numeric digits * ?s special characters such as punctuation (all printable ASCII characters not in ?l, ?u or ?d) **Exercises**: Comment on the likely patterns that would result from password requirements such as having a minimum of one capital letter and a minimum of one digit. What effect would this have on the password entropy?