Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 20 May 2014 09:03:36 +0200
From: Albert Veli <albert.veli@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Partially known PGP key password

I haven't tried it myself, but I read on the list a while ago there seems
to be support for some kind of mask attack in one of the github variants
(is it the magnumripper jumbo version?).

Something like john --mask='password?d' would try all combinations
from password0 to password9. If this works, try ?l for lower case
characters and ?u for upper case.




On Mon, May 19, 2014 at 7:10 AM, Dennis Schridde <devurandom@....net> wrote:

> Hello everyone!
>
> A friend of mine only remembers the beginning of his PGP key password
> and needs to recover the rest. I suggested John and already converted
> the key using gpg2john and created a john.local.conf similar to the
> following:
>
> [List.Rules:R]
> Az~[a]
> Az~[a][b]
> Az~[a][b][c]
>
> where a,b,c are possible characters of the password. Now I am running
> John with a wordlist that contains only one line: The known first
> characters.
>
> My question is: Is this an efficient way to crack the password? (My
> machine has two cores, but John compiled with OpenMP only uses one,
> while I would assume the task to be easily parallelisable.)
>
> When I talked to Magnum (actual question below [1]), he pointed out that
> I might be using too many salts. Now Johns says "Loaded 2 password
> hashes with 2 different salts (OpenPGP / GnuPG Secret Key [32/64])", so
> I assume that two are not really too many, right? And it seems those
> salts came from the PGP key itself, because the file gpg2john created
> contains two lines, and I do not see any other resemblance of the
> number "2" anywhere.
>
> Best regards,
> Dennis
>
> [1]
> > I read that I can make john output a status line by pressing <space>
> > during runtime. I also read that I can execute john -status from
> > another console and it will examine the john.rec file to print the
> > status line there. However, neither method works on my system:
> >
> > Pressing space just does nothing. Pressing q sometimes exits john
> > immediately, but I cannot reproduce that now. Pressing ^C results in a
> > line "Wait...", but nothing happens. Pressing ^C aborts the session
> > immediately.
> >
> > Executing john -status results in the message that the file john.rec
> > does not exist.
>

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.