Date: Fri, 8 Feb 2013 16:48:34 +0000
From: Jeremiah Grossman <jeremiah@...tehatsec.com>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: Re: Password Cracking a DMG...

On Feb 4, 2013, at 10:52 AM, Jeremiah Grossman <jeremiah@...tehatsec.com> wrote:
>
> On Feb 1, 2013, at 3:12 PM, magnum <john.magnum@...hmail.com> wrote:
>
>> On 29 Jan, 2013, at 22:10 , magnum <john.magnum@...hmail.com> wrote:
>>> On 29 Jan, 2013, at 21:01 , Jeremiah Grossman <jeremiah@...tehatsec.com> wrote:
>>>> On Jan 29, 2013, at 11:18 AM, magnum <john.magnum@...hmail.com> wrote:
>>>>
>>>>> On 29 Jan, 2013, at 19:09 , Jeremiah Grossman <jeremiah@...tehatsec.com> wrote:
>>>>>> from run/
>>>>>>
>>>>>>> $ dmg2john aes_256.dmg
>>>>>> Segmentation fault: 11
>>>>>>
>>>>>> Same issue as yesterday. "aes_256.dmg" is a newly created 15GB DMG encrypted with AES-256 (OS X 10.8.2). No data contained within.
>>>>>
>>>>> That should be "./dmg2john". Maybe you just didn't copy it verbatim? Otherwise, maybe you actually did not run the newly built ./dmg2john but an old bad one from somewhere in your path.
>>>>>
>>>>> magnum
>>>>
>>>> Positive I got it right. I was just snipping the command line for brevity's sake. The dmg2john I ran was in the run/ directory automatically built during compile of JtR.
>>>
>>> I figured so, just checking. I will try to reproduce the problem and debug it.
>>
>>
>> For people not subscribed to john-dev: This is resolved in latest git. The dmg2john bug was fixed, and then we realized both dmg2john and the format blatantly ignored the iterations count - which is bumped a lot in later OSX versions (it was hard-coded to 1000 while newer Macs produce files with over 200,000 iterations, and seemingly depending on available CPU power at creation time). Finally, some known-plain stuff was tweaked.
>>
>> So the good news is everything hopefully works now if you check out a Git Jumbo. The bad news is with this high iteration count, you get about 5-10 c/s per core on CPU. Using OpenCL and GPU we can get a little more but this is the toughest format I know of right now.
>>
>> magnum
>
>
> Downloaded the new version. Ran dmg2john across several different sized AES-256 DMGs (100MB, 200MB, 15GB) [no data]. Successfully cracked the password on all of them. Hooray!
>
> Now, onto the "real" one. ;)
>
>
> Regards,
>
> Jeremiah-

My story has a happy ending...

Password Cracking AES-256 DMGs and Epic Self-Pwnage
http://blog.whitehatsec.com/cracking-aes-256-dmgs-and-epic-self-pwnage/

If the missing characters of my partial password had been 7 characters, not sure it would have been.

Thanks everyone!

Regards,

Jeremiah-