Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 7 Mar 2013 07:00:08 -0500
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: [question] How to crack a specific ssh key pass

On Thu, Mar 7, 2013 at 4:44 AM, Thomas F├ętiveau <
thomas.fetiveau.tech@...il.com> wrote:

> Hi !
> I've just discovered john and I am trying to retreive a pass for one of my
> ssh private key.
> I've tried the incremental modes but there are limited to 1 to 8 length
> passwords.
>
You'd have to edit params.h and compile your own to extend past the default
8 character limit. Then you have to generate new .chr files to use in
incremental mode, as well as make some john.conf edits.

> The password I'm searching for has between 10 and 16 chars and is composed
> only of these characters: [a-z][0-1-3-5-6] (actually, even less, I'm sure
> there is no 'w', 'x', 'y' nor 'z' letters).

I've read that searching in incremental modes for more than 8 characters
> doesn't make sense because it would take too long.
>
There is a vareity of ways you can go about this, extend incremental, or
create word list rules that will create candidates that fit the pattern.
The pattern you've listed doesn't seem too complex, and JtR could easily
create a rule for that. Do you know if you need to toggle any cases, or
will it be all lower? Have a look at the RULES file in DOC, or let us know
and we can help you write one.

> But is it still true with the range of characters I have ? ie: about 28
> different chars
>
You can certainly reduce the number of characters that incremental uses,
though you can't specify the 28 characters to use, John will eventually try
the ones you want, that is unless you train your .chr files against a list
of strings that only contain those 28 or so characters.

> If it would still make sense, what should I do to make john searching for
> this password ? (I'm running it under windows)
> On a side note: I'm running under a multi-core multi-threaded win 7 64 bit
> and the john-opm.exe doesn't use more thread nor core nor CPU usage than
> john.exe (the both use just about 12,5% of my overall CPU capacity).
>
Not all hash types are built for OMP, but SSH seems to be listed as one
that does support it:
http://openwall.info/wiki/john/parallelization?s=omp#Built-in-parallelization-with-OpenMPI'm
not sure why it's not going for you, what's your command line look
like?
-rich

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.