John The Ripper 1.8.0 Jumbo - How to build on Mac OS 10.11 (El Capitan)

Posted by on Wed, Feb 17, 2016

John The Ripper is a password cracking tool. Compiling it for Mac was working fine until Apple removed the openssl headers. Here are instructions for building John The Ripper on OS 10.11 El Capitan.

I’m assuming you know how to run some basic shell commands in Terminal. If you don’t know what that is, and don’t know how to get a shell, then this won’t make much sense to you!

Before you begin, ideally, you should get all the tools you need to compile things on your mac. You might need to get XCode (from the App Store) and install the command-line tools. If you’re not sure whether the tools are installed or not, get a terminal running and execute the command ‘cc’:

$ cc
 clang: error: no input files

If you get a clang error message (this is good!) you have the tools, you have the talent; it’s Miller time!

If you don’t have the tools installed, you’ll get a pop-up window that asks if you want to install the command-line tools.

For this walkthrough we’ll download everything in to /tmp so my instructions can make use of absolute paths when making and patching JtR. If you downloaded elsewhere, just make a note of the directory.

This has been tested and is working on a freshly installed Mac OS 10.11.3 with only the X-Code and the command line tools installed.

Ok, let’s go!

1. OpenSSL version

First, identify your version of openssl to make sure we get the same header source code as the installed version. It should be the same on all the El Capitans, but just to be sure, open a terminal and run the following and make note (mine is 0.9.8zg):

$ openssl version

2. OpenSSL source

Download the openssl source from http://openssl.org/ - this will provide you with the missing header files - if you aren’t using 0.9.8zg, go to the http://openssl.org/ site and find the correct source download for your version!

$ cd /tmp
$ curl -O https://www.openssl.org/source/old/0.9.x/openssl-0.9.8zg.tar.gz
$ tar -xvzf openssl-0.9.8zg.tar.gz

3. John The Ripper source

Get and unpack the John The Ripper (JtR) source from openwall.com:

$ curl -O http://www.openwall.com/john/j/john-1.8.0-jumbo-1.tar.xz
$ tar -xvzf john-1.8.0-jumbo-1.tar.xz

4. Patch the MakeFile

The makefile that was included with john-1.8.0-jumbo-1 is missing some bits, read the patch if you want to know more:

Note - This is a legacy post. The step below contains a patch file that is no longer applicable and has been lost.

# Note this is a legacy post, the patch has been lost to time and is no longer applicable.
$ curl -O http://3583bytesready.net/static/john-1.8.0-jumbo-1\_makefile.patch
$ cd john-1.8.0-jumbo-1
$ patch -p1 < /tmp/john-1.8.0-jumbo-1\_makefile.patch

5. CFLAGS for OpenSSL includes

Tell JtR configuration where to find the OpenSSL you downloaded.

$ export CFLAGS='-I /tmp/openssl-0.9.8zg/include'

6. Configure and Build!

$ cd src
$ ./configure
$ make clean
$ make

7. Done

If you don’t get any errors, you’re (probably) done!

The files for your JohnTheRipper are in /tmp/john-1.8.0-jumbo-1 and the executable files are in the subdirectory labelled ‘run’. Test it out by doing:

$ /tmp/john-1.8.0-jumbo-1/run/john

If you get a bunch of output, then it compiled!

Remember to move your /tmp/john-1.8.0-jumbo-1 directory somewhere OUT of tmp if you decide you want to keep it. e.g. To move it to your home directory do:

$ mv /tmp/john-1.8.0-jumbo-1 ~

If you want to temporarily add it to your path so you can just run the commands from anywhere, do:

$ export PATH=$PATH:~/john-1.8.0-jumbo-1/run
$ which john
/Users/YOURUSERNAME/john-1.8.0-jumbo-1/run/john

Happy cracking!

PRINT FRE(0)
 1078

READY.