Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 18 Jun 2018 20:13:52 +0000
From: crack.cast5@...mail.net
To: john-users@...ts.openwall.com
Subject: Re: CAST5 GPU cracking

Just a quick followup. I was able to use PGP for Windows 6.5.2 to  
generate a key which was just cracked with JtR.
So the way I am using it is ok. 2.6.3 doesn't work but 6.5.2 does.  
Neither are the same S2K/etc. format as my year 2000 generated key. So  
next I will try 5.
Posting this here in case it is helpful for anyone else.

-----BEGIN PGP PRIVATE KEY BLOCK-----
Version: PGP 6.5.2

lQHPBFsoASsRBADoCNpu43fmKunEva2dNC7DWpwL2V755dYdK7KI3KEAj5UnNU0m
GOM78forU0UnmQmAJ7d2/SuVJM9UU4KZBQJDocuSN+ItULHQ9IqFpb0/oXbxXP+C
WG/1CZIGTtnaGnxFhGY7IqWB+adK6BFWvbrCbivKf73+s1zgSEjRFLZ4YQCg/2Nv
5Km6xg27gvcW1RWWdQDzye8EALFc2evLUZ0KaFjsGuT9Fj6r6WX+43mVikDxWtAw
M3ZLpH8VSXE28OZJYJ8nlpsThB6kkoDid/sZQE38N6VoKoDyyYxXiRGJgl4EzXA/
t1/7czePfe0B2/2qVNoPMXL5axzpAzsvpHd+y63o4CjEwfAQa51mSageu68rSQKd
NKaxA/9SQ/ScRM7B4sMHsxBJfE3ngPvgImaaa0Xy2AT4p/QV7h2iAi9bcxt/LR8A
uZPg0qUYU60yXeVrvbKhHT2kJ04gz+IsOo+Vh1IbauJPf0/OojwSatVh5CPfQG7T
J8I3xFEi2etri9vtBLtId8cHq9Hqaj0kb8g9NFKuo3TbMBuy9/8DAwJG9qaRiYBa
JGAP9UgDRaDrjg9gOoW2ZGfWOctCBdsolM+D9ISDfr06N7QEdGVzdJ0CUQRbKAEu
EAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstD
qZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryD
xUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSR
BzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGze
MyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1B
n5x8vYlLIhkmuquiXsNV6TILOwACAggA2vBCrejRWFOYxApdm3B9ybRQOyew1Sfv
qHA5Gfshz8oCISk7yjDaH3Biolk25W1FTnftVRDKYn2N93FZL1MkRIouUeR2AxyN
nwUsZwdhCvoUlsRMpTJCzrn9pXh2219oGBZZiyEZT2kAQ1D+JlBa5FWGnuYwn9z7
cBWWX0sH3KTK/F97/4uP99/MDiIi56AbkuB5HMVG2pj8fqx2D6JW3vc/o1GbkWVo
bBY/+Bbhl+Bc8flugug/QKAGBUbmEd1V5dN50qD9ylottyvtAiFcjW55kTmWlu4a
yTxvGaCekR7jHCVoEl2ANQNocc4vdLzwhlLcdqzJO4M8fBHmSKHRkf8DAwIVQc1B
ZRhjiWAOI548xW2DtsgFH+k0CaKxVkdRmO4cIXaxUm+OFAQg1auyHE5HODPJmpeh
b0hMRoiAeRLxijTn
=+oDo
-----END PGP PRIVATE KEY BLOCK-----


gpg --list-packets new2.txt
:secret key packet:
         version 4, algo 17, created 1529348395, expires 0
         skey[0]: [1024 bits]
         skey[1]: [160 bits]
         skey[2]: [1024 bits]
         skey[3]: [1023 bits]
         iter+salt S2K, algo: 3, simple checksum, hash: 2, salt:  
46f6a69189805a24
         protect count: 65536 (96)
         protect IV:  0f f5 48 03 45 a0 eb 8e
         encrypted stuff follows
         keyid: 19C1F9904A8D108A
:user ID packet: "test"
:secret sub key packet:
         version 4, algo 16, created 1529348398, expires 0
         skey[0]: [2048 bits]
         skey[1]: [2 bits]
         skey[2]: [2048 bits]
         iter+salt S2K, algo: 3, simple checksum, hash: 2, salt:  
1541cd4165186389
         protect count: 65536 (96)
         protect IV:  0e 23 9e 3c c5 6d 83 b6
         encrypted stuff follows
         keyid: 6E03C76DC03D77CC

./gpg2john new2.txt

File new2.txt
test:$gpg$*17*24*1024*0f603a85b66467d639cb4205db2894cf83f484837ebd3a37*3*255*2*3*8*0ff5480345a0eb8e*65536*46f6a69189805a24*128*e808da6ee377e62ae9c4bdad9d342ec35a9c0bd95ef9e5d61d2bb288dca1008f9527354d2618e33bf1fa2b53452799098027b776fd2b9524cf54538299050243a1cb9237e22d50b1d0f48a85a5bd3fa176f15cff82586ff50992064ed9da1a7c4584663b22a581f9a74ae81156bdbac26e2bca7fbdfeb35ce04848d114b67861*20*ff636fe4a9bac60dbb82f716d515967500f3c9ef*128*b15cd9ebcb519d0a6858ec1ae4fd163eabe965fee379958a40f15ad03033764ba47f15497136f0e649609f27969b13841ea49280e277fb19404dfc37a5682a80f2c98c57891189825e04cd703fb75ffb73378f7ded01dbfdaa54da0f3172f96b1ce9033b2fa4777ecbade8e028c4c1f0106b9d6649a81ebbaf2b49029d34a6b1*128*5243f49c44cec1e2c307b310497c4de780fbe022669a6b45f2d804f8a7f415ee1da2022f5b731b7f2d1f00b993e0d2a51853ad325de56bbdb2a11d3da4274e20cfe22c3a8f9587521b6ae24f7f4fcea23c126ad561e423df406ed327c237c45122d9eb6b8bdbed04bb4877c707abd1ea6a3d246fc83d3452aea374db301bb2f7:::test::new2.txt


./john new2.out
Using default input encoding: UTF-8
Loaded 1 password hash (gpg, OpenPGP / GnuPG Secret Key [32/64])
Cost 1 (s2k-count) is 65536 for all loaded hashes
Cost 2 (hash algorithm [1:MD5 2:SHA1 3:RIPEMD160 8:SHA256 9:SHA384  
10:SHA512 11:SHA224]) is 2 for all loaded hashes
Cost 3 (cipher algorithm [1:IDEA 2:3DES 3:CAST5 4:Blowfish 7:AES128  
8:AES192 9:AES256 10:Twofish 11:Camellia128 12:Camellia192  
13:Camellia256]) is 3 for all loaded hashes
Press 'q' or Ctrl-C to abort, almost any other key for status
test             (test)
1g 0:00:00:00 DONE 1/3 (2018-06-18 20:09) 100.0g/s 100.0p/s 100.0c/s  
100.0C/s test
Use the "--show" option to display all of the cracked passwords reliably
Session completed

Quoting Solar Designer <solar@...nwall.com>:

> On Mon, Jun 18, 2018 at 06:59:05PM +0000, crack.cast5@...mail.net wrote:
>> Is the old count really 65536?
>
> Yes, that's what old keys used (and many still do).
>
>> Is gpg2john tested with such old keys from 2000?
>
> I think so, but I'm not sure exactly with which versions of PGP/GnuPG.
>
>> Ideally I would download an older PGP and run a test
>
> Yes, you should.
>
>> but it is hard to find such an old version.
>
> No, it is not.  PGP 2.6.3i* from mid to late 1990s:
>
> http://www.spywarewarrior.com/uiuc/disastry/263multi.htm#download
>
> GnuPG 1.2.0+ from 2002+:
>
> https://www.gnupg.org/ftp/gcrypt/gnupg/
>
> You might run into minor difficulties building these on a modern system,
> though.  You might end up needing to tweak them or building/running in a
> VM with a similarly old system.
>
> Alexander




-------------------------------------------------

ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the NSA's hands!
$24.95 ONETIME Lifetime accounts with Privacy Features!  
15GB disk! No bandwidth quotas!
Commercial and Bulk Mail Options!  

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ