Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 19 Aug 2021 21:45:08 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: is it possible to run jumbo john 1.9 on multiple
 windows machines?

The bitlocker you are trying to recover, isn't likely to be recovered
soon... The use-case for JtR is likely the "BitLocker To Go" scenario,
where a user puts in a password to protect a Thumb Drive /USB Drive. I
believe BL keys are 48 digits, which is a LOT, even if the keyspace is 0-9.
You may be better served looking at M$'s site:
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan
Again if your drive is using TPM and or some Key you don't have a back up
of or access too... I don't think you'll crack 48 digits anytime soon.
At just 16 digits, that's a key space of 36587558241570175048828125000000,
and if you get let's say 6.8M hashes per second, times 86400 seconds in a
day...
36587558241570175048828125000000 / (6800000 * 86400)
equals... a lot. Your key is not likely 99999-99999-999999 etc... but even
brute-forcing at 16 pure digits at the speeds advertised on bitcracker
https://github.com/e-ago/bitcracker#performance makes it seem pretty slim.
You may want to contact that developer and see if they have any tips? They
helped create the format for JtR, I am not sure they are on the John User's
list.

On Thu, Aug 19, 2021 at 8:45 PM Harlock <harlock8@....it> wrote:

> On 8/19/21 1:12 PM, Rich Rumble wrote:
> > If you're running a jumbo version of JtR you should have the option to
> run
> > node and or fork, but I can't say if those work with GPU cracking.
> > https://www.openwall.com/john/doc/OPTIONS.shtml
> > Looks like Fork will work with OpenCL
> > https://www.openwall.com/lists/john-users/2013/09/08/1
> > Have a look at JtR's other documentation on parrallelization:
> >
> https://openwall.info/wiki/john/parallelization#Built-in-MPI-parallelization-support
> > To use John's OpenMP support, you need to either use an existing
> > OpenMP-enabled build (e.g., "john-omp.exe" on Windows)
> > https://www.openwall.com/john/doc/FAQ.shtml (distributed processing)
> > -rich
> >
> > On Wed, Aug 18, 2021 at 8:36 AM Harlock <harlock8@....it> wrote:
> >
> >> Hi all,
> >>
> >> I 'm actually running this task on windows:
> >>
> >> john.exe --format=bitlocker-opencl
> >>
> --mask=?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d
> >>
> >> hash_to_crack.txt
> >>
> >> I read about the --node option and I was wondering if I can split the
> >> work among multiple machines, if yes, can you please support me to
> >> configure the process?
> >>
> >> Thanks in advance for the support
> >>
> >>
> > Hi Rich,
> >
> > thanks for your reply, I've seen a tutorial for Linux about it:
> >
> >
> https://countuponsecurity.com/2015/05/07/step-by-step-clustering-john-the-ripper-on-kali/comment-page-1/?unapproved=31054&moderation-hash=1bb2f13bba181b1b653e64473da8c3c0#comment-31054
> >
> > I'm wondering if I can use this one as start for the configuration of
> the openmp side.
> >
> > also according to Magnum that reply me too, it seems this crack is
> pointless as it cannot be done in a "human" time, I'm wondering if there is
> another way to sort my issue that is basically this one:
> >
> >
> https://www.dell.com/community/Windows-10/BitLocker-need-a-key-but-I-never-installed-it/td-p/6019486
> >
> > I've already tried all of the suggestions inside but none of them are
> working
> >
> > Regards
>
>
>

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.