Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 9 Jan 2019 17:50:21 +0000
From: kc atgb <kisscoolandthegangbang@...mail.fr>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: gnome keyring password length limit

Hello,

I'm not sure to be on the right place. Please let me know if it is not 
the case. I'm am using john 1.8.0-jumbo-1 on debian 8.7.

I'm trying to recover the passphrase for one of my gnome keyrings 
without success. It is a long passphrase and I remember it a 95%. I have 
done some rules to generate the passwords to my needing.

In my tests, I discovered that john won't get my password if this 
password is longer than 15 caracters and that explain that I can't 
recover mine for sure.

$ cat 7.pass
abcdefghijklmnopqrstuvwxyz
$ ./keyring2john ~/.local/share/keyrings/7.keyring > 7
/home/martin/.local/share/keyrings/7.keyring: crypto size: 16 offset : 
85
$ ./john -w:7.pass --format:keyring 7
Using default input encoding: UTF-8
Loaded 1 password hash (keyring, GNOME Keyring [SHA256 AES 32/64 
OpenSSL])
Will run 4 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:00 DONE (2019-01-09 18:25) 0g/s 10.00p/s 10.00c/s 10.00C/s 
abcdefghijklmno
Session completed

$ cat 8.pass
abcdefghijklmnop
$ ./keyring2john ~/.local/share/keyrings/8.keyring > 8
/home/martin/.local/share/keyrings/8.keyring: crypto size: 16 offset : 
85
$ ./john -w:8.pass --format:keyring 8
Using default input encoding: UTF-8
Loaded 1 password hash (keyring, GNOME Keyring [SHA256 AES 32/64 
OpenSSL])
Will run 4 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
0g 0:00:00:00 DONE (2019-01-09 18:42) 0g/s 11.11p/s 11.11c/s 11.11C/s 
abcdefghijklmno
Session completed

$ cat 9.pass
abcdefghijklmno
$ ./keyring2john ~/.local/share/keyrings/9.keyring > 9
/home/martin/.local/share/keyrings/9.keyring: crypto size: 16 offset : 
85
$ ./john -w:9.pass --format:keyring 9
Using default input encoding: UTF-8
Loaded 1 password hash (keyring, GNOME Keyring [SHA256 AES 32/64 
OpenSSL])
Will run 4 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
abcdefghijklmno  (9.keyring)
1g 0:00:00:00 DONE (2019-01-09 18:42) 6.250g/s 6.250p/s 6.250c/s 
6.250C/s abcdefghijklmno
Use the "--show" option to display all of the cracked passwords reliably
Session completed

I can unlock the keyring with the password composed of 26 letters.

Is there any way to bypass this limit ? Any option ? Another method ?

I'm blocked and that make me crazy that I can't remember the last part.

Thanks in advance.

-- 
------------

K. C.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.