Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 09 Nov 2013 22:32:32 +0100
From: magnum <>
Subject: Re: Re: gpg requires more test vectors

On 2013-11-09 03:15, Lukas Odzioba wrote:
> 2013/11/9 Lukas Odzioba <>:
>> I have a problem with generating keys in batch mode, somehow such
>> generated key is not crackable so I am doing something wrong or we
>> have some bug.
> The problem was that for most of my testing I was using MD5 hash which
> seems to be only one broken.

We should create an issue for this. Are all MD5 ones broken? Are there 
no MD5 in current test vectors?

>> Since gpg2john supports gecos field and password is embedded in
>> comment john should crack all loaded hashes.
>> I have no problems with keys generated by "gpg --gen-key" interactive
>> mode, but it would be crazy to do that manually.
> I made invalid assumption above, single mode didn't handle that.

Why? If the password is embedded in [counting from 1] field 1, 5 or (I 
think) 6, it should be tried by Single mode. At least unless it contains 
what Single mode considers being separators - it may need to be in first 
field then.

> $ cat ALL | sed 's/.*(pass is //' | cut -f1 -d')' > wlist
> $ cat wlist | head -n 1
> MD5-3DES-openwall
> $ ./john ALL -w:wlist
> Loaded 25 password hashes with 25 different salts (gpg, OpenPGP /
> GnuPG Secret Key [32/32])
> Press 'q' or Ctrl-C to abort, almost any other key for status
> RIPEMD160-AES192-openwall (RIPEMD160-AES192.sec)
> RIPEMD160-AES256-openwall (RIPEMD160-AES256.sec)
> RIPEMD160-AES-openwall (RIPEMD160-AES.sec)
> RIPEMD160-CAST5-openwall (RIPEMD160-CAST5.sec)
> SHA1-AES192-openwall (SHA1-AES192.sec)
> SHA1-AES256-openwall (SHA1-AES256.sec)
> SHA1-AES-openwall (SHA1-AES.sec)
> SHA1-BLOWFISH-openwall (SHA1-BLOWFISH.sec)
> SHA1-CAST5-openwall (SHA1-CAST5.sec)
> SHA256-AES192-openwall (SHA256-AES192.sec)
> SHA256-AES256-openwall (SHA256-AES256.sec)
> SHA256-AES-openwall (SHA256-AES.sec)
> SHA256-BLOWFISH-openwall (SHA256-BLOWFISH.sec)
> SHA256-CAST5-openwall (SHA256-CAST5.sec)
> SHA512-AES192-openwall (SHA512-AES192.sec)
> SHA512-AES256-openwall (SHA512-AES256.sec)
> SHA512-AES-openwall (SHA512-AES.sec)
> SHA512-BLOWFISH-openwall (SHA512-BLOWFISH.sec)
> SHA512-CAST5-openwall (SHA512-CAST5.sec)
> 20g 0:00:00:02 DONE (2013-11-09 02:09) 8.064g/s 28.22p/s 440.3c/s
> 440.3C/s SHA512-TWOFISH-openwall
> Use the "--show" option to display all of the cracked passwords reliably
> Session completed

I reckon the '-' chars is the Single mode problem.

> $ ./john -show=left ALL
> MD5-CAST5.sec:$gpg$*17*42*1024*002170c3c5778fdbeedd788a1eda3827ef7d6d73491c022d5b76d33ff70ccae8d243aab7e2f40afcb4a4*3*254*1*3*8*019e084555546803*65536*49afdb670acda6c6
> MD5-BLOWFISH.sec:$gpg$*17*42*1024*78974e8edc833372d5280c72af3699deadf6902e5f6f318c509f4e3a74ab5508c001b174028c5762b85b*3*254*1*4*8*05e135ef911c76ad*65536*a07c0f2a9ff58867
> MD5-AES.sec:$gpg$*17*42*1024*9ab2b332bac3025b1f70621b48aeb49e1af1435041afb3dba9176c7257f72a9db9a8bfb9efa1fd326ddb*3*254*1*7*16*7c3cedfeb3bceace051706ad45b4809b*65536*cd91cfa373e9538b
> MD5-AES256.sec:$gpg$*17*42*1024*0f99df2244628f19ddb6a103edef89fba4f3c347e78ef857dabdea0d6270946bf9a5af49f64d88dd7d84*3*254*1*9*16*1f78a0098bb4398f90fd7047a4fed4f5*65536*98e5173305268c69
> MD5-AES192.sec:$gpg$*17*42*1024*c5758fe02511b9066971e7300528d9913877ebdb8a9f8f9cec7354eea7208320e03c2de13640abf2817f*3*254*1*8*16*72deaef23475b122d865a8f0c7903dda*65536*2579bf43cba09570

I guess Dhiru had a hunch we needed these new test vectors :-)


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.