Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 28 Oct 2012 19:28:07 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Re: ssh_fmt / privkey without using high level OpenSSL functions

On Sun, Oct 28, 2012 at 5:44 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:
> On Sun, Oct 28, 2012 at 4:03 PM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:
>> I tried to re-implement ssh / privkey format without using high level
>> OpenSSL functions. However I didn't get a speed-up over JtR's existing
>> ssh format :-(. Code is attached. Feel free to re-use it.
>
> Update: after some hacks, it seems that it is possible to get 4.5X
> speedup over existing code. Attaching latest code.
>
> However, I am getting some false positives (during actual cracking).

Attached fixed version.

✗ ../run/john crackme  # on triple core 2.8 GHz CPU
Loaded 1 password hash (fast SSH RSA [32/64])
guesses: 0  time: 0:00:01:39 0.00% (3)  c/s: 1573K  trying: MoDY9 - MoDsp
guesses: 0  time: 0:00:01:56 0.00% (3)  c/s: 1574K  trying: kowneS - kowB7e
guesses: 0  time: 0:00:01:57 0.00% (3)  c/s: 1573K  trying: n6E2 - ntCx

For some reason, benchmarking speed is very low. Actual cracking speed
is nice :-)

You can tweak "#define SAFETY_FACTOR	32" to reduce false positives at
the cost of speed.

-- 
Cheers,
Dhiru

View attachment "fastssh_fmt_plug.c" of type "text/x-csrc" (18865 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ