Distributed password cracker using myjohn
=========================================

Usage:
------

First you need to launch the server, the server arguments are:

        -f --passwdfile         password file.
        -l --lenmax             the maximum length of the tested passwords. [6]
        -m --markov_level       maximum strength of passwords that are going to be cracked. [150]
        -p --password           server password for this session.
        -P --port               port. [8080]
        -t --time               time in seconds before client timeout. [14400]
        -r --rangesize          markov range size. [100000000]
        -s --start              index of fisrt password.

Example:

./server_passwd.rb -f passwd_file.txt -l 7 -m 280 -p password

You must specify a password, this password is used to accept new client
connection.

Client side:

        -h --help               this help.
        -i --host               server host name. [localhost]
        -P --port               port. [8080]
        -p --password           password for this session.
        -j --john               john path. [./myjohn/run/john]
        -f --format             force ciphertext format.

Example:
./client_passwd.rb -i server.org -P 8080 -p password -j /home/romain/myjohn/john


Features:
---------

- The communication between client and server is secured using ssl.

- Monitor the password cracking process at this address:
https://server_addr:port/admin
To access this page you have to enter a login which is admin by default and
a password, the password you specify when you launch the server.

- Force server to reload password file by sending SIGHUP to him.

- You can specify a priority for password by adding 'priority:x ' at the
begin of the password line.

Example:

$ cat ./passwd_file.txt
priority:10 root:xxxxe1ylJxxx.:0:0:root:/:/bin/sh
priority:5 user:xxxxJngDZnxxx:0:0:User:/:/bin/sh
priority:1 nobody:xxxx7RfLkJxxx:0:0:nobody for ftp:/:/bin/sh
In this example for a complete cycle root password will be send 10 times
to the clients, user 5 and nobody 1. You should only use this option for salted
passwords.


Known Issues :
--------------

If you password file is very big, the server could be overloaded with found passwords
(the code should be updated to use a Hash instead of an Array) so you should first
do a pass with john (single, wordlist) to filter easy passwords.