Date: Sun, 22 Jul 2012 14:56:39 -0400 (EDT) From: "Brad Tilley" <brad@...ystems.com> To: john-users@...ts.openwall.com Subject: How To Use the new TrueCrypt Format in JtR John Users, I wanted to post a quick note about how I've tested the new TrueCrypt format that Alain just recently posted. Here's what I did to build and test the new format. 1. Get Alain's zip file attached to his original post. http://article.gmane.org/gmane.comp.security.openwall.john.user/5320 2. cp the two c files within the zip to the src folder of john-1.7.9-jumbo-6 3. Build/re-build JtR as you normally would. 4. Build truecrypt_volume2john.c gcc truecrypt_volume2john.c -o truecrypt_volume2john 5. Run truecrypt_volume2john on the TrueCrypt volumes you wish to crack. truecrypt_volume2john sha512-aes.tc >> tc_john_hashes.txt truecrypt_volume2john ripemd160-aes.tc >> tc_john_hashes.txt Note: You may do this to multiple TC volumes and append the output. 6. Finally, run JtR against the output file. john --wordlist=words.txt --format:tc_whirlpool tc_john_hashes.txt john --wordlist=words.txt --format:tc_sha512 tc_john_hashes.txt john --wordlist=words.txt --format:tc_ripemd160 tc_john_hashes.txt 7. Here are my performance numbers. Notice it loaded eight hashes. I ran this on the output from four TC files (but each file may contain a normal volume and a hidden one), thus there are eight possibilities. Loaded 8 password hashes with 8 different salts (TrueCrypt [RIPEMD160 AES256_XTS]) 123 (truecrypt_normal_volume) letmein (truecrypt_normal_volume) // This is a hidden volume guesses: 2 time: 0:00:00:08 DONE (Sun Jul 22 14:27:08 2012) c/s: 12.59 Loaded 8 password hashes with 8 different salts (TrueCrypt [SHA512 AES256_XTS]) 123 (truecrypt_normal_volume) guesses: 1 time: 0:00:00:01 DONE (Sun Jul 22 14:27:18 2012) c/s: 59.09 Loaded 8 password hashes with 8 different salts (TrueCrypt [WHIRLPOOL AES256_XTS]) 123 (truecrypt_normal_volume) guesses: 1 time: 0:00:00:02 DONE (Sun Jul 22 14:27:33 2012) c/s: 36.11 I hope this helps John users who may be interested in TC cracking. Brad
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.