Date: Sun, 11 Aug 2013 20:00:15 +0200 From: magnum <john.magnum@...hmail.com> To: john-users@...ts.openwall.com Subject: Re: Are BKS/Berkely -Keystores for Java supported yet? On 11 Aug, 2013, at 19:05 , Sam <blue-t@....de> wrote: > Am 11.08.2013 14:29, schrieb magnum: >> On 11 Aug, 2013, at 11:31 , Sam <blue-t@....de> wrote: >>> i am currently trying to estimate the security of an android application. >>> The certificate which is used quite heavily in the application only is >>> available as bks file which can''t be opened without password. >>> http://docs.oracle.com/cd/E13214_01/wli/docs70/b2bsecur/keystore.htm >>> I am currently tracing this obfuscated application in hope to reveal the >>> password used in the code somewhere but as a secondary fallback, i want >>> to try bruteforce. >>> Therefore my question, is it possible to use JtR for this process yet? >> In latest bleeding-jumbo (not released yet) we have a format called "keystore" which is "Java Keystore" but I'm not sure this is what you need. If it is, you'd use it like this: >> >> $ ./keystore2john file.bks >file.john >> $ ./john file.john (...) >> >> You can try a snapshot from https://github.com/magnumripper/JohnTheRipper/tarball/bleeding-jumbo >> >> If this is not it, I'm sure Dhiru will whip a new format up for you but his away for a week or so. >> >> magnum > I tried with a few diffrent make targets but so far none resulted in a > keystore2john file under the /run folder . > Make didn't return with any obvious error (except that mozilla format is > not available) That's very odd if you were really using bleeding-jumbo. It's been there since February and latest change was April 15. magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.