[[Adding support for more non-hashes to JtR]]
 
Trace: Adding support for more non-hashes to JtR

Adding support for more non-hashes to JtR

Unless you're developing or debugging JtR program code, you're probably looking for the sample non-hashes page instead of this one.

Dhiru Kholia's assorted notes

Notes

1. Read the manual pages!

How to trace and understand existing code

1. Build debug versions of the package

https://wiki.archlinux.org/index.php/Debug_-_Getting_Traces

NOTE: At times, Makefiles and configure scripts need to be passed the debug flag.

2. Run the program under Valgrind’s callgrind tool

valgrind –tool=callgrind openssl dsa -in test.key

3. Use KCachegrind for profile data visualization

Attacking SSH keys

TODO:

1. Attack PKCS#8 keys, change iteration count and use aes256 (ssh-cracker) 2. Making SSH keys harder to brute-force.

HOWTO:

1. Generate test keys

ssh-keygen -t dsa -f test.key openssl dsa -in test.key

2. Use KCachegrind for profile data visualization

http://dl.dropbox.com/u/1522424/Callgrind-OpenSSL-DSA-decrypt-path.png
http://dl.dropbox.com/u/1522424/Callgrind-JtR-DES-path.png

Understanding OpenSSL for cracking SSH private keys

See test folder from OpenSSL source distribution.
See demos/maurice folder from OpenSSL source distribution.
See crypto/pem/pem_all.c for usage of PEM_read_bio_PrivateKey() function.
Defined in crypto/pem/pem_pkey.c:EVP_PKEY *PEM_read_bio_PrivateKey()
Also see PEM_read_PrivateKey()
Note: All these functions are high level and seem unsuitable for brute forcing.

Callback Function: http://www.openssl.org/docs/crypto/pem.html

http://www.openssl.org/docs/crypto/OpenSSL_add_all_algorithms.html
http://www.openssl.org/docs/crypto/bio.html
http://www.openssl.org/docs/crypto/BIO_s_file.html
http://www.openssl.org/docs/crypto/pem.html
http://www.openssl.org/docs/crypto/pem.html#PEM_ENCRYPTION_FORMAT
http://www.openssl.org/docs/apps/rsa.html
http://www.openssl.org/docs/crypto/pem.html
http://www.jensign.com/opensslkey/

RFC 1421, RFC 1423

openssl pkey openssl pem

Attacking TrueCrypt Volumes

openssl speed -evp aes-256-cbc

http://keepass.info/help/base/security.html

Attacking FileVault

http://crypto.nsa.org/vilefault/

Arch Linux OpenCL support

pacman -S opencl-header nvidia nvidia-utils # NVIDIA systems

cower -sd catalyst catalyst-utils # ATI systems

Attacking ZIP files

<WIP>

More Formats: RAR (AES 128), Putty ppk files, 7-Zip, PDF, M$ Office, TrueCrypt Volumes …

john/non-hashes.txt · Last modified: 2011/06/30 22:49 by solar
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux