Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 6 May 2011 23:20:53 +0400
From: Solar Designer <>
Subject: Re: "SSH private keys cracker" patch for JtR [first cut for GSoC]


On Wed, Apr 27, 2011 at 09:10:09PM -0700, Dhiru Kholia wrote:
> I have re-based my patch on top of john-1.7.7-jumbo-1 and also have
> cleaned up john.c, loader.c as suggested by magnum. New patch attached
> and uploaded to the wiki.

I just gave this a try (the john-1.7.7-jumbo-1-ssh-06-OpenMP.diff.gz
revision, actually).

Overall, it works - thank you!  Here are some comments:

It failed to build with OpenSSL 0.9.7m (as we have in Owl 3.0).  At
least some of the build errors looked like they could be avoided with
little effort.  Anyhow, I upgraded to OpenSSL 1.0.0d (the Owl-current
package) and it built fine.  When I roll it into a revision of the jumbo
patch, I'll need to specify the minimum version of OpenSSL required.
So far, it's been 0.9.7.  It looks like it will be at least 0.9.8 now,
but it could as well be 1.0.0.  I'd prefer it to be the former (in fact,
the oldest version reasonably possible), and I'd prefer to know for
sure rather than have to say something vague like "0.9.7m is known to be
too old, and 1.0.0d is known to be recent enough; versions inbetween
these may or may not work".

"unssh" does not validate its input file format at all.  When I ran it
on a SSH-1 private key, it produced a "$ssh2$" line anyway; then "john"
printed an OpenSSL error on that.  When I ran it on "john" (the program
binary), it produced a "$ssh2$" line again, which resulted in a segfault
when loaded into "john".  Obviously, there's room for improvement here.

A test SSH-2/RSA key passphrase on an OpenSSH-generated key was cracked
just fine.  The speed reported while cracking was somehow almost twice
lower than one reported with "--test".  I did not investigate what
causes this.  Are the test vectors somehow of a faster to crack type?

Thanks again,


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.