Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 29 Jul 2012 13:37:08 -0500
From: Jeffrey Goldberg <jeffrey@...dmark.org>
To: john-dev@...ts.openwall.com
Cc: Dhiru Kholia <dhiru.kholia@...il.com>
Subject: Re: Agilekeychain c/s oddly not dependent on PBKDFD2 iterations

I created a 1Password Agile Keychain with the password "fred". 1Password created it with 20920 PBKDF2 iterations. Although "fred" is included the password.lst, JtR (magnum-jumbo) failed to find it (If I am reading the output correct).

./john --wordlist=password.lst   -fo:agilekeychain-opencl ~/Work/AWS/JtR/fred-21000-agile-jtr.txt
OpenCL platform 0: Apple, 2 device(s).
Using device 0: Intel(R) Xeon(R) CPU           W3520  @ 2.67GHz
Compilation log: <program source>:304:16: warning: comparison of integers of different signs: 'int' and 'unsigned int'
        for (i = 0; i < keylen; i++)
                    ~ ^ ~~~~~~

Loaded 1 password hash (1Password Agile Keychain PBKDF2-HMAC-SHA-1 AES [OpenCL])
guesses: 0  time: 0:00:00:45 DONE (Sun Jul 29 13:13:06 2012)  c/s: 77.79  trying: 123456 - sss

I'm attaching 

  fred-21000-agile-jtr.txt

which is the output of running ./run/agilekc2john.py. Again the 1Password master password for this is "fred" (without the quotes).

I will try to create an agilekeychain with 1000 PBKDF2 iterations, but that requires an old version of 1Password. (More recent versions determine the number of iterations based on the hardware it is running on. There is no user control of these.)

Cheers,

-j

/Users/jeffrey/Work/AWS/JtR/Fred-1000.agilekeychain/:$agilekeychain$2*20920*8*2f8ea2b41471f823*1040*695689bf46517d316b5568cf1519071c957d972c22c1972f156dd4ce0f5fa861d132eb9c1854e9cb647b5d182eb4521ef9708ca6e4ccf41e4a1e21cb88ddfa3621d05c2a9c9cfd472813f3c5b82e73d5e39e427aacf1a9bd7d827819853ecbf35223ed2006133ccbe0e2a251a8aeab6683b36ab44e09d2b74bacd6b8af169692e9e0c50905a73d183f56a5391088b08c0d3eb2496dccf2c73b9dbdadfe368ba3ab33c49894f731c1f81a0f6e528f3445f332da58a95ad96dcb5b078bcdf41ca2acc59c7b2ab49e6ea08a51821c3ea10c3f1a03d52fb13a8d49d29997627d941c9128603c85c8fa5220e449ebbd55cbd7be6b4a4a6ee95b129c69aafbb8a48949fa6f079e913cf99dd8d9967f58408269b3efadc0678b88c327d9ce1e93438f20778fe0321220fdcadf709b00e8fecfe88f435bc016c35ef553084691cd770348b6e089ede77169110aae5140d0ba6cf90c7dbacbb2939c679fd6fd9b95403577b8c1265ecfafd8cde15e40a39867513cfac17edfad122ed70693fa21f586879b7d80406cf7c106153da8d02a5a3ad0545260539477fcfae229064a5ef841552e568c75497d72a895862c25c7474a3c5b5e83656fb2f276a34b1b06f832360b051ee70234faef8f005bd78a250009bfc7f48ad7ddc3c73bc1a4cebf8bd5cf8df1ba2d64f1659efc7db8a3237594a5a31192a728820ecdbded56b6d47e417063c4e1cf77619b3d4e3b1de68433b3d65c0d21358443407f8b8d7ccb785335cefd9e497d31eebe23a681bfc1f07c52208e52a9099a095ca836044d8c5022e2039cb3e9cb2cfeecac4f5c371467d7308644b6add5e93fc49958611c7f80023f4d67102d0e3dd2c5ffeb4dc437e94ca976ea732fc3cf100407fcad323296a7af7aa292c1453e258a9d3ec2576cb3dc5d7552bb3255d43aa20613bd6e6da5460ea89ff59e6deebce96fc6885a4453b3c9ca99e9aa018998de13b2f513bbce3f28d1dec0da8849133b0eda8583ac671467991f10ad18f65f26d73face7cc352a61ce8e9f9eaac83b7a7a9428f2f43e80cf24a8baddce1880913c01bc7da2a91c63743bd69d89ef15cccb3d221ca87a346fb54567182f60a5a53d454185faf5199da8a66e09dc8dbed8bb279a464887e63ddf1dae842a20429ba6d509a16f6f4119208be0fa7c8ee9ea1b37166df206144425a7a7cad42aed5b21f6d6563a17e6a11bdf8e795ca6fd40cbf40ad96f9a16cdee46369d9112867e4e03b0e846fdaf1b40e6d42bbc06b9ba28f10cbef20c7c4ca117f9075b5f9960c666336c15a0d497c71ddc1b6c809dd0311ad08c62d960e3e83e2ebe10eee470e7af8cc7f3b7e2a7eeb6e2636050da416d9c7855a46181301b6bdf73eaff5888d844bde5f8430b4ca8755678f99cb140f508e1471152d9fc54d08678adef19345f58d0b9eb7ccfb2d7ea88af15252dd7576ec8183c943739c8f56d*20920*8*2c5bb8fcd8e04c1e*1040*cb001824ffc41c4de0a3569006f8fb3b43ccc3ccf562c96a8a4c551aa538883c9e87a788190fc5a1f63e97f42ab6d27a9475ce13cdd793f2b67d93940cb69dd6f1d84d07398d1e02a5416f861b6675a85e77c6a0ff14cb740306b8b482859a72f0845f9683a8473d8863c4d1cd3abd31aba2091d7840ee00be2b1fe9325fa57cf89647f09c9db2e082dd267279919e1f478d92084b0179dfee261cd196d75978f651995350300419c5791a61abbb808ad841de0eb62b0105cdae0f5fc3ef6eb28ea686e165896757ad4c2942025151359e12c5ea3534b3cc235e1cbc2b12344b0b42331f9edea656093cc87e0aa3bacccd4c1651b48f80218434918923f8c907872c6b70a0f485e7fa64824abe3f1d12acbf2cb73312ce9cedfd042ec45ee64415caa3d46c4f9482cbaa2f2167bd55bad0432c6413749f1e93fdbbf89a0e3d9dab3f7a8838bedc6bcb73958fa86a45d158480a286c0adb4758c265bb75845cb61d863a4a69cc9fc05fc3b5ed6f4124c0bb94a66a82810f2e2c2337dde4c00d861cce6e66101e2093ccbe7dd2a48bea9d0af233543a78b67fdb60492a1ddf8313a410f3265a14de0df9818d588005b0271c71f15ba96bbdcf495e62f5629511ed924a5c92b37082d11906352b5db92331a933c4b2cc002ab81ce83f6462d12f8f1f3f9a61c812db4729a09e5c9ec291116f899517ab5dd6ecb13c13673d7555077e5edbf6e032b42f5994c71e50f7d09a6dda8cc7e8d73d0e212e5f8cb66ac77f730ea0367e840ac5fd9bb9871b50d97e1ea3e55999029053d04d9ba9e0cea7b17f2de2f3057c666c601d3a4c2a66a6aec4d53453365b498cea3720eaf68fb03456a78ec9ec9c9bd09846f841b887ab787ee9f46b8567fa122e5f3b0955585d0cd5a5e73d929019ebdfe431264162239223e7b7a2408cb69f9023bd335c4acdc84cb9a8c663b6fd6da6dc4ae44af11129af33888e88e8171310f63b69aaf36a479fef04a2e74e512c41d398977e355d197df1514c5e434837071d8a8bef6b3192df998122115e626beed0755f51e9339b862018efc25a1a9d542db4e04541e15aa98f354a53dd021c7ffd4aaca18217e337682e6bbb74eadd46d55620cdcfd12aacc4a787e160ef53e978e6a0bb37c20b4f52d2ca9a7e1b5052d6f94db6bd37f6cdf4bd94fa139fb6bbb291db95e0e7cb9b3ab4ebf60fa63f87cacf7b918fa4507f263d3e4cc1b6f5d7a73dd22b0567f9bb8ed502e9cf459cb57ff83978c0b1807865054888af15dedd242d68a9aba15e228991655d41fde3d31c23920432b26f4d068a9993f327841604284cf33fda9c543396f7984d044cc4cf149633c5d9aad93501dc7c29250dfc78b33f2b162903b0ab9e606e8397c54763fdc58723eb6951f1de97a605dd4bf890f5a28f320fca66bcfd725073cb018f1af84c1fa8a6e70f2c5a30adaf3682dd63d13daa84b446





Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ