Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 2 Jul 2014 11:05:48 +0200 (CEST)
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: ssh known_hosts support?

On Mon, 23 Jun 2014, Royce Williams wrote:

> The 'HashKnownHosts' ssh config option enables hashing of IPs and
> hostnames in the ~/.known_hosts file. ...
>
> What would be the best path to using john for this purpose?

Hi,

The latest "bleeding-jumbo" version (from the following repository) now
supports cracking such hashes.

https://github.com/magnumripper/JohnTheRipper

$ cat hashes
$known_hosts$|1|pgjIzNM77FYsBHLfKvvG9aWpKAA=|XbHqTCXG1JAV6fb2h2HT8MT7kGU=
$known_hosts$|1|vAQX51f9EfXY33/j3upxFIlI1ds=|q+CzSLaa1EaSsAQzP/XRM/gaFQ4=

$ ../run/john hashes --mask="192.30.252.?d?d?d"
Loaded 2 password hashes with 2 different salts (known_hosts, ...)
....
192.30.252.128   (?)
192.30.252.130   (?)

$ ../run/john --format=known_hosts --test  # i7-4750HQ CPU
Benchmarking: known_hosts, HashKnownHosts HMAC-SHA1 [SHA1 32/64]... DONE
Raw:	1836K c/s real, 1836K c/s virtual

Later on, we might be able to use an existing format (or the dynamic
format) for cracking such hashes.

Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.