Adding support for more non-hashes to JtR

Unless you're developing or debugging JtR program code, you're probably looking for the sample non-hashes page instead of this one.

Dhiru Kholia's assorted notes


1. Read the manual pages!

How to trace and understand existing code

1. Build debug versions of the package

NOTE: At times, Makefiles and configure scripts need to be passed the debug flag.

2. Run the program under Valgrind’s callgrind tool

valgrind –tool=callgrind openssl dsa -in test.key

3. Use KCachegrind for profile data visualization

Attacking SSH keys


1. Attack PKCS#8 keys, change iteration count and use aes256 (ssh-cracker) 2. Making SSH keys harder to brute-force.


1. Generate test keys

ssh-keygen -t dsa -f test.key openssl dsa -in test.key

2. Use KCachegrind for profile data visualization

Understanding OpenSSL for cracking SSH private keys

See test folder from OpenSSL source distribution.
See demos/maurice folder from OpenSSL source distribution.
See crypto/pem/pem_all.c for usage of PEM_read_bio_PrivateKey() function.
Defined in crypto/pem/pem_pkey.c:EVP_PKEY *PEM_read_bio_PrivateKey()
Also see PEM_read_PrivateKey()
Note: All these functions are high level and seem unsuitable for brute forcing.

Callback Function:

RFC 1421, RFC 1423

openssl pkey openssl pem

Attacking TrueCrypt Volumes

openssl speed -evp aes-256-cbc

Attacking FileVault

Arch Linux OpenCL support

pacman -S opencl-header nvidia nvidia-utils # NVIDIA systems

cower -sd catalyst catalyst-utils # ATI systems

Attacking ZIP files


More Formats: RAR (AES 128), Putty ppk files, 7-Zip, PDF, M$ Office, TrueCrypt Volumes …