Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 10 Jul 2009 05:59:19 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: .LXV AES decryption

I was unsure about approving this posting, but since questions "like
this" are bound to come up once in a while, I thought it makes sense to
let them through and address them once in a while as well...

On Thu, Jul 09, 2009 at 09:33:46PM -0400, DanielDLC@....com wrote:
> Anybody know how to make John decrypt Lexar .LXV extension files encrypted  
> with 256-bit AES encryption ? I am using Windows  XP. 

The short answers is that this is not supported.  JtR is a password
security auditing tool (to be run against systems' user databases with
password hashes in them), not a key recovery tool for arbitrary file
formats (or whatever).

The longer answer is that JtR may be used as one of the components in an
"attack" against an encrypted file (or against something else, for that
matter).  JtR is quite good at providing a stream of candidate passwords,
which is desirable when you're after a human-chosen password.  You'll
need another program, specific to your target (whatever it is), in order
to actually test those candidate passwords.  In many cases, such a
program does not readily exist.  Alternatively, you'd need a JtR
enhancement that would add support for your target (a new "format").

Here are a couple of older john-users postings, which may be of some
relevance to the general issue of recovering passwords to something not
supported by JtR:

http://www.openwall.com/lists/john-users/2009/01/21/4
http://www.openwall.com/lists/john-users/2008/03/20/3

Alexander

-- 
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ