Date: Fri, 15 Apr 2011 21:49:12 +0200 From: magnum <rawsmooth@...dband.net> To: john-dev@...ts.openwall.com Subject: Re: "SSH private keys cracker" patch for JtR [first cut for GSoC] On 2011-04-15 13:02, Dhiru Kholia wrote: > Apply the patch on top of jumbo-12 patch. See src/ssh_fmt.c for usage > instructions. Please note that this is a very early release. I have > also uploaded the patch to the wiki. Scary, LOL. I created a test key using "bingo" as passphrase and it was *immediately* cracked (at 0:00 reported time) and that had me a little bit worried until it turned out it's one of the 3169 absolute worst passwords you can choose, i.e. it's included in john's default password.lst. I have a reported speed of about 100K c/s, that's not very scary. I don't really like the odd handling (having an input file pointing at the real input files), but I'm not sure I can come up with a better idea myself. Maybe it'll turn out it's the best way to do it. One drawback is that when I created a second [same name, overwritten] testkey.rsa.pub with a stronger passphrase it did not load, as john.conf had recorded the *filename* from my "bingo" test. Anyway, really cool. Did I hear you say OpenGL? I'm sure I did ;-) Oh, and my second test is not cracked yet, after eight minutes, so I'm (very) slightly relieved. kudos magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.