Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 26 Apr 2011 15:17:04 -0700
From: Dhiru Kholia <>
Subject: Re: "SSH private keys cracker" patch for JtR [first cut
 for GSoC]

On Sun, Apr 24, 2011 at 12:08 PM, Solar Designer <> wrote:
> I haven't tested this yet (sorry!), but I am going to start to impose
> some quality requirements (I think it's time).  Please see below:

> The "unssh" program must not directly write into any files.  Other un*
> programs don't ("unique" is an exception, but it has a reason for that
> and it uses O_EXCL). Instead, it should print to stdout.
> You also don't need a file with a list of filenames - you pass those
> filenames via the command line.

Fixed. The new "unssh" tool takes a list of filenames (as arguments)
and writes its output to stdout.

>> 3. Run JtR as "john -format=ssh sshdump".
> The format should be autodetected due to the "$ssh$" marks, though.

Auto-detection added.

>> Bugs:
>> 1. "john -format=ssh --show sshdump" doesn't work currently.
> This will need to be fixed.  Why doesn't it work?  If you do everything
> right elsewhere, it should just work, with no effort on your part.

A silly bug (missing newline handling) in my code broke "--show". Fixed.

> More quality requirements:
> Please license your code such that it's usable (both by end users and by
> others working on JtR):
> Please start to use the proper source code style.  The coding style of
> the official JtR roughly matches these "indent" program options:
> indent -kr -i8 -nlp -nbbo -l79 -lc79
> (these are given in Owl/doc/CONVENTIONS).
> Please start to upload these patches to the wiki, to the patches page or
> to the non-hashes page (your choice).  Also continue to announce them in
> here.  When you have substantially-improved "stable" versions, then also
> announce those on john-users.

I have tried to address these issues in the new version of the patch
(attached as well as uploaded to the wiki).


1. Run unssh on private key file(s) as "unssh [key file(s)]". Output
is written to standard output.
2. Run JtR on the output generated by unssh as "john [output file]".


For a while, I am switching to "adding support for FileVault and
archive files cracking" activity. Will revisit this patch later.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.