If a hash has already been cracked, what does John the Ripper do when you run it again?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

If a hash has already been cracked, what does John the Ripper do when you run it again?

Explanation:
John the Ripper uses a cache of cracked results stored in the pot file. On a subsequent run, it checks this cache and marks any hash whose plaintext password is already recorded as cracked. The cracking engine then skips those hashes and focuses only on the ones that remain unsolved. This saves time by not re-cracking hashes you've already solved. It doesn’t purge or prompt for confirmation by default, and it isn’t about loading only uncracked hashes in a separate sense—the key behavior is that already-cracked hashes are ignored during the cracking process.

John the Ripper uses a cache of cracked results stored in the pot file. On a subsequent run, it checks this cache and marks any hash whose plaintext password is already recorded as cracked. The cracking engine then skips those hashes and focuses only on the ones that remain unsolved. This saves time by not re-cracking hashes you've already solved. It doesn’t purge or prompt for confirmation by default, and it isn’t about loading only uncracked hashes in a separate sense—the key behavior is that already-cracked hashes are ignored during the cracking process.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy