A patch to force john the ripper 1.7.2 to forget passwords
Below is a simple patch against john the ripper 1.7.2 to ensure it forgets cracked passwords immediately.
Why was this done? For security compliance it's often necessary to test user passwords for strength, users with weak passwords should be informed and asked to change their password immediately. However the security auditor should never know user passwords. This patch alters john in such a way it replaces all discovered passwords with the string "CRACKED".
You will also need to apply this patch against john 1.7.2 as follows:
Please note that the patch above is for an old version of john the ripper and may not apply to newer versions.