Date: Wed, 08 Oct 2014 21:03:09 +0000 From: augustin <augustin@...nmailbox.org> To: john-users@...ts.openwall.com Subject: Re: attacking RC2 40-bit S/MIME encrypted emails > It now hits me this is out of scope for JtR itself. What JtR does is > always based on trying human-like passwords. But this "format" would be > a key brute-forcer with no input. For the same reason, we haven't > implemented an RC4/40 brute-forcer for old Office documents. > > However, even if Solar doesn't want these "in" Jumbo, I'm willing to > include them either "with" Jumbo (as stand-alone programs in the Jumbo > source tree), or simply as a separate repo if Solar persists. As Atom > recently wrote on Hashcat forum, you can sometimes marry RC4-BF with > actual password search: Since the available windows tool does not seem to work for me (it is running since quite some time and after reaching cycle nr. 28 it starts over again) - I was wondering whether you would be willing to publish your proof-of-concept code? btw: I did not get any answer from my emails to the authors of brutex10 - I could try to contact them via Bruce - he was quite responsive to email requests in the past.. but I would already be satisfied after seen that a CPU can indeed find the key in a ~week. thanks, augustin
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.