Date: Sun, 18 Oct 2015 15:02:51 +0300 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: encrypted PEM file cracking Hi, There are now two PEM file crackers, by Robert Graham: https://github.com/robertdavidgraham/pemcrack and by Brian Wallace: https://github.com/bwall/pemcracker Both were recently written. This suggests that few people were aware that JtR -jumbo already had this functionality. I've just tested, and bleeding-jumbo's ssh2john along with john crack the test.pem file included with pemcracker just fine. Maybe we need to advertise this somehow. Maybe create a pem2john as symlink to ssh2john, and mention PEM in ssh_fmt_plug.c's FORMAT_NAME? As to speeds, JtR's SSH format runs (at least on this test.pem) much faster for me with --fork=32 (on 32 logical CPUs) than with OpenMP, giving about 3500 c/s cumulative speed for fork vs. 955 c/s for OpenMP: 31 0g 0:00:00:28 DONE (2015-10-18 14:46) 0g/s 109.6p/s 109.6c/s 109.6C/s br0535..amelsis komodia (test.pem) 1 1g 0:00:00:28 DONE (2015-10-18 14:46) 0.03501g/s 109.4p/s 109.4c/s 109.4C/s br0507..komodia komodia (test.pem) 1g 0:00:01:44 DONE (2015-10-18 14:49) 0.009550g/s 955.0p/s 955.0c/s 955.0C/s br0507..komodia And here's pemcracker: [solar@...er pemcracker]$ time ./pemcracker test.pem w Password is komodia for test.pem real 1m39.126s user 51m6.696s sys 0m0.028s This is slightly faster than JtR's OpenMP, but way slower than JtR's --fork. There could be lock contention inside OpenSSL, although this process did consume 31 logical CPUs on average. This system has openssl-1.0.1e-30.el6_6.11. (Perhaps many times higher speeds are possible with custom code instead of using OpenSSL's.) In all of these tests, I am using a wordlist file with 100k wrong passwords followed by the correct password. test.dict included with pemcracker cracks the password too quickly to be used for benchmarking. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.