Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 11 Apr 2017 10:39:42 +0200
From: Albert Veli <albert.veli@...il.com>
To: john-dev@...ts.openwall.com
Subject: PEM pass phrases

Hi!

I tried to generate some .pem files and crack the pass phrase with john.
The first one worked great using sshng2john.py
(pass phrase is albert):

ssh-keygen -t rsa

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,D5D108D84C79EA0915DA88B1261D1C23

DgGA4+fzXE6OFQAYCuzE5K5+AQv5Tccxo0bYV/a+i9MWKhohXredASO6O2Kew5tE
EIftrg0gD/hveSoDMIV0/TukgSQTryhYNAzibEVXPJ1/8XDg9xChM0QOiz9IUejK
7q5CEUdbu2Ev7OopfRBHmrvYbXG2CGan0GEECu5+qnm9GtaXcqlMEu+SH7oDrFHZ
QHsUBmzovjtlVr9pNmGnwdicQxxsNhxUuxSIB3Qqyo7ds6ALH1XglKw+doHrq3Ct
3cjhb8YScE5eCcKKXoe5nLdbn+h9Z2RY/oMs2yRJYkPAtMTcQz5E85pIzImV9Clu
M+z1baFUpE00JqTuZgAsTM0f7dgpy43lHl60M95tsDwmYgeMS1FK/LLUP7CLmjVq
dYXL7uMJoX8cOyNIs3lHEVxIJHVg7IwE6hoUBikmHXjSQHe50WpO8foWHXNu4L3i
UIS67boqAxK7hQB7na6Sj6IaRS9UCDFDfCvCsKIjiKaR1wNrxmo3UVM1JtrWQdg6
u0ZqMuy2SfwJaKVLmP4l+GPlBNDFsYaYmrEph81OvEo7HbPgdVpymWhlfaKeCa5j
0lW95Al5nMrsr4TmsQmfKdE1iyoGrGk1xsLp9zBjazVJE6lM0wSIt+Xi56XwuT0s
mBQSwULfqF48c4DJgI/l8GnCm50vHUV4V66nc0yzXKlWRZYKi8i/YAkLxoJgBgBM
8Ob8kd55IO6UT/Oj1H/tTZIyPnH3o/s1hLg29+eP52eyckY+DaEJ37lkxftTkxPV
3WCPruPnWaQmTm+fEqbXa2ctngEXayCZiB+FweYhLW3tq/6mjKa6b6i90vxz9Jt1
vT2P+SKZX2e7Qjn8E9HqONMpXtrH0tauxvoKMrawWe13oNI083oG2TeMhAsqGIUb
1NZc/jGO4rqTUwmrCcuRL+Np8xx5Dm5YoMuBZisp8VuR2wlGgRW8uwvY9gykGelA
y0nX4/2lrhUxBV6xjKQv1j06b96oNDJYl4Hb+1RaXkMH9cngkcnY9IQzYyZwYeas
O5JiL+90FynSD3RzRqrTtzv0nnWxMubVwd1zQGt7dI5wMzFVmsRILhfWJLiIhB6+
jRtdsMEGIbUVYpLApNaWBSSlR7vy3nKFQPWV+QhfAOxXN65INLApln9k+yY6hVcE
RdBZ4ldVHHSpMRhBYa/cclHPQkBq3cAKmsFJdKuG5PPm1CvsWdXU1z3ltupXUGdg
DisJL0CVCp3fG0SQh0xzvp7FfFrtiRNNs5KtTxNqdsUchAETN+jE6uFLaheTqUGl
OwQOjAoQywT+vaO3w7xUHIaRBzvbTeTtwuP8BNpORJ8gHm8OUGPCrUH5mL9//Ylw
Dew+Biyy2JZGyXqBgAfX9o0UD2lwNsKi0krhZ1gAMeWsOzuKIt7+IfaEtOKReQVL
8D4i6UDbddydzuog7WHMZblJbrEndUprdl0AcEfbRTxDFUZIF66ThwLG2Wt0ZndG
E8xqmhw6nd42busPwdxDCWIX612BPSXuBVz/shRaX73/M5d1+o2Yk8WSAcC8JmrG
kce9UUzHFp9KxcSzTbkNBfCmby2UetysK9BPPTZoE/p5HMpdgG4blodtLZY48pwl
-----END RSA PRIVATE KEY-----

But the second one didn't work:

openssl genrsa -des3 -out albertdes.key 1024 (same passphrase)

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,F1621D1A561534C3

qxkl7AAmdURduYnyWRpb96MagOEBMbbuuyC8LStw4qIfQxv8cCKPOHO04LuQIVah
z4KdUPoJvANdXd8E8qQD9P17/jK1IZ1sdN1ZTQur0H4oB1vk7vbwFdHOW+kfzYGl
X4hthnmV1HGb2OCJDo/kyKvBcdJyRC4caAWynhy5lqKyzT6C5w3wJw2Y2IyM0yoR
ZOvm4TkOZM4VzBZgVCgWGaElv0d2x0M89lOofUDTrmtJTVNsLSl05pfTS4llI52X
bp4dij8VA8e7brrNj4UvZbluWOWigEEep3N7oUEOwnNyKxs7kcg+ukw6DBh7472w
XT/pvlXPveUBrcj/b/JX7L1O/OuNjnqFmvQRVls/P7D8PZ3wVqJlg27BiyNPe2lW
pCAq515e0okNM+mrs1V2PMVkOFCaGZxP4+SOEvo/bMLlX487E0ui3sh7TTfWIJu/
hIJtdMrA2Wz0MDZUw2R27cOPdQ1NfQpJWqxfbsj/xvzOtIKYW4Fjb7ZvBVAtAMAO
Xos5oXr+RvrxisWQy0/VnPiLYiCTeMR750uQKVa1Vb3quhT0R6iw5FIuptD0kgRf
OxSknD19n2zT+Hgssfzjus1X5x6RhyalFKOaR0ZhxpiXlqn6sdj2zGhLSWPO2Zgq
Ae5Q4HaTffzMSh0AhwsjjzD8T6JY3Wpi08enm7nyOwviUmG/IiaBhZBY/FZmDVkS
TRFNdSjpi4wuuNRlUUiUpnlrB/JEu4M0u0pEAkXVqUKgX9QBY0y8bzLuIjtOxJRG
/Q/Csw7QUySDe6iiQVwjvE/FJu4VdmxqKQR7pbsF84oSIWDtkcdprg==
-----END RSA PRIVATE KEY-----

Both pem-files generated output from sshng2john.py

16
albert.key:$sshng$1$16$D5D108D84C79EA09 ...

and

24
albertdes.key:$sshng$0$8$0E4145493DA90ABE$1192$e ...

but only the first one was cracked by john (
https://github.com/magnumripper/JohnTheRipper.git bleeding-jumbo branch).

Did I do something wrong or is it some mode that is not implemented yet?


Regards,

Albert

Content of type "text/html" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ