Date: Thu, 7 Mar 2013 07:00:08 -0500 From: Rich Rumble <richrumble@...il.com> To: john-users@...ts.openwall.com Subject: Re: [question] How to crack a specific ssh key pass On Thu, Mar 7, 2013 at 4:44 AM, Thomas Fétiveau < thomas.fetiveau.tech@...il.com> wrote: > Hi ! > I've just discovered john and I am trying to retreive a pass for one of my > ssh private key. > I've tried the incremental modes but there are limited to 1 to 8 length > passwords. > You'd have to edit params.h and compile your own to extend past the default 8 character limit. Then you have to generate new .chr files to use in incremental mode, as well as make some john.conf edits. > The password I'm searching for has between 10 and 16 chars and is composed > only of these characters: [a-z][0-1-3-5-6] (actually, even less, I'm sure > there is no 'w', 'x', 'y' nor 'z' letters). I've read that searching in incremental modes for more than 8 characters > doesn't make sense because it would take too long. > There is a vareity of ways you can go about this, extend incremental, or create word list rules that will create candidates that fit the pattern. The pattern you've listed doesn't seem too complex, and JtR could easily create a rule for that. Do you know if you need to toggle any cases, or will it be all lower? Have a look at the RULES file in DOC, or let us know and we can help you write one. > But is it still true with the range of characters I have ? ie: about 28 > different chars > You can certainly reduce the number of characters that incremental uses, though you can't specify the 28 characters to use, John will eventually try the ones you want, that is unless you train your .chr files against a list of strings that only contain those 28 or so characters. > If it would still make sense, what should I do to make john searching for > this password ? (I'm running it under windows) > On a side note: I'm running under a multi-core multi-threaded win 7 64 bit > and the john-opm.exe doesn't use more thread nor core nor CPU usage than > john.exe (the both use just about 12,5% of my overall CPU capacity). > Not all hash types are built for OMP, but SSH seems to be listed as one that does support it: http://openwall.info/wiki/john/parallelization?s=omp#Built-in-parallelization-with-OpenMPI'm not sure why it's not going for you, what's your command line look like? -rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.