Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <l94ing$koh$1@ger.gmane.org>
Date: Sat, 21 Dec 2013 18:22:03 +0100
From: Carsten Fuchs <carsten.fuchs@...u.de>
To: john-users@...ts.openwall.com
Subject: Re: Crash in 7z2john.py

Hi again,

just fyi, I “cracked” my 7z file, using JtR and a simple trick:

     $ ./john --stdout --wordlist=my_wordlist.txt | ./my_Glue.pl

where the Perl script calls the 7z binary with the file of interest and 
the password from JtR, and examines the exit code of the 7z binary. 
Using the Perl script below, I achieved roughly 45 tests per second 
(Ubuntu 13.10 64-bit with a Core i5-4570).

Beforehand, I started digging into the 7-zip source code, and I got the 
impression (which may well be very wrong) that there is almost no better 
way to attack 7z's than to decode the whole file anyway, so eventually I 
just skipped it all and plainly deferred to `7za t -pXYZ filename.7z`.

I know it's a lousy trick, but it saved a huge amount of work, and in my 
case, it even worked. Also, I've no idea though how this compares 
regarding performance, but from what I infer from 
http://thread.gmane.org/gmane.comp.security.openwall.john.user/6779/focus=6784, 
it's not even bad at all.    ;-)

Best regards,
Carsten



#!/usr/bin/perl

# Examples:
# ./john --session=temp_test --stdout --wordlist=somelist.txt --rules | 
./my_Glue.pl
# ./john --session=temp_test --stdout --incremental[=Latin1] | ./my_Glue.pl

use strict;
use warnings;
use Parallel::ForkManager;

my $FILE_NAME = "test_2.7z";
my $MAX_PROCESSES = 8;

my $pm = new Parallel::ForkManager($MAX_PROCESSES);
my $count = 0;
my $Time  = time();

print "\nThe examined file is: $FILE_NAME\n\n";

while (my $line = <STDIN>)
{
     chop($line);

     $count++;
     if ($count % 1000 == 0)
     {
         my $oldTime = $Time;
         $Time = time();

         printf "%9d   %.1f t/s   %s\n", $count, 1000 / ($Time - 
$oldTime), $line;
     }

     $pm->start() and next;

     if (system("7za t -p'" . $line . "' ". $FILE_NAME ." > /dev/null") 
== 0)
     {
         print "\nThe password is \"" . $line . "\"\n";

         $pm->finish();
         $pm->wait_all_children();
         last;
     }

     if ($? == -1)
     {
         print "failed to execute: $!\n";

         $pm->finish();
         $pm->wait_all_children();
         last;
     }
     elsif ($? & 127)
     {
         printf "child died with signal %d, %s coredump\n", ($? & 127), 
($? & 128) ? 'with' : 'without';

         $pm->finish();
         $pm->wait_all_children();
         last;
     }
     #~ else {
         #~ printf "child exited with value %d\n", $? >> 8;
     #~ }

     $pm->finish();
}

$pm->wait_all_children();

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.