Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 Feb 2013 13:21:24 +0000
From: Nicolas Brulez <nicolas.Brulez@...persky.com>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: RE: RAR Cracking with JtR Jumbo (Files found during
 forensics)

Hello Bartosz,

Unfortunately, there were no text files with the password AFAIK.
That's the first thing i looked at, as well as traces of the password in memory dump. No luck :(

Nico

-- 
Best regards,

Nicolas Brulez | Malware Expert - Global Research and Analysis Team | Kaspersky Lab


-----Message d'origine-----
De : pierzi [mailto:pierzi@...il.com] 
Envoyé : mercredi 13 février 2013 14:15
À : john-users@...ts.openwall.com
Objet : Re: [john-users] RAR Cracking with JtR Jumbo (Files found during forensics)

Hello Nicolas
I had little expirience with trojans encrypted with so called FUD, as far
as i've seen passowrds for encrypted installation/updateds were
stored in plain text file next to archive. Passwords however were very
complex. I know it's long shot but if You still can access infected
machine, it might be worth to check for those text files...

best regards
Bartosz


2013/2/13 Dhiru Kholia <dhiru.kholia@...il.com>

> On Wed, Feb 13, 2013 at 4:38 PM, Nicolas Brulez
> <nicolas.Brulez@...persky.com> wrote:
> > While doing investigations, several RAR password protected SFX files
> were found on hundreds of machines.
> >
> > I have limited power for cracking password, and I tried "crark". Using
> my CPU I could only reach 245 c/s and my single GPU reached 1200 c/s.
> > I have tried several things: Some simple wordlist, brute forcing only
> lowercase, numbers, low/upp/numb/special and i didn't find anything.
> > I don't think the passwords are that complex, but the limited power I
> have probably did not help.
>
> Maybe Jeremi Gosney (@jmgosney) can help with the computing power part.
>
> --
> Dhiru
>

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.