Message-ID: <CAEo4CeP=Zf1T6=ednh2hMESqfX6Jo-bNaxYhAfHG-fQmNSKsCQ@mail.gmail.com>
Date: Tue, 20 May 2014 09:03:36 +0200
From: Albert Veli <albert.veli@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Partially known PGP key password

I haven't tried it myself, but I read on the list a while ago there seems
to be support for some kind of mask attack in one of the github variants
(is it the magnumripper jumbo version?).

Something like john --mask='password?d' would try all combinations
from password0 to password9. If this works, try ?l for lower case
characters and ?u for upper case.




On Mon, May 19, 2014 at 7:10 AM, Dennis Schridde <devurandom@....net> wrote:

> Hello everyone!
>
> A friend of mine only remembers the beginning of his PGP key password
> and needs to recover the rest. I suggested John and already converted
> the key using gpg2john and created a john.local.conf similar to the
> following:
>
> [List.Rules:R]
> Az~[a]
> Az~[a][b]
> Az~[a][b][c]
>
> where a,b,c are possible characters of the password. Now I am running
> John with a wordlist that contains only one line: The known first
> characters.
>
> My question is: Is this an efficient way to crack the password? (My
> machine has two cores, but John compiled with OpenMP only uses one,
> while I would assume the task to be easily parallelisable.)
>
> When I talked to Magnum (actual question below [1]), he pointed out that
> I might be using too many salts. Now John says "Loaded 2 password
> hashes with 2 different salts (OpenPGP / GnuPG Secret Key [32/64])", so
> I assume that two are not really too many, right? And it seems those
> salts came from the PGP key itself, because the file gpg2john created
> contains two lines, and I do not see any other resemblance of the
> number "2" anywhere.
>
> Best regards,
> Dennis
>
> [1]
> > I read that I can make john output a status line by pressing <space>
> > during runtime. I also read that I can execute john -status from
> > another console and it will examine the john.rec file to print the
> > status line there. However, neither method works on my system:
> >
> > Pressing space just does nothing. Pressing q sometimes exits john
> > immediately, but I cannot reproduce that now. Pressing ^C results in a
> > line "Wait...", but nothing happens. Pressing ^C aborts the session
> > immediately.
> >
> > Executing john -status results in the message that the file john.rec
> > does not exist.
>
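
As an added example (not part of either message, and not John the Ripper's own code), the Python sketch below models only the `?d`, `?l` and `?u` placeholders named in the reply, to show how a mask such as `password?d` expands and how the candidate count grows with each unknown trailing character. The enumeration order is this script's own and the candidates-per-second rate is a constructed figure, not a measurement.

```python
import itertools
import string

# Placeholder classes named in the reply above; nothing else is modelled here.
CLASSES = {
    "d": string.digits,
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
}

def parse_mask(mask):
    """Return one character set per output position of the mask."""
    positions, i = [], 0
    while i < len(mask):
        if mask[i] == "?":
            if i + 1 >= len(mask) or mask[i + 1] not in CLASSES:
                raise ValueError(f"unsupported placeholder at offset {i}")
            positions.append(CLASSES[mask[i + 1]])
            i += 2
        else:
            positions.append(mask[i])  # literal character from the known prefix
            i += 1
    return positions

def keyspace(mask):
    """Number of candidates the mask expands to."""
    total = 1
    for charset in parse_mask(mask):
        total *= len(charset)
    return total

def expand(mask):
    """Yield every candidate, varying the last position fastest."""
    for combo in itertools.product(*parse_mask(mask)):
        yield "".join(combo)

def hours_to_exhaust(masks, candidates_per_second):
    """Worst-case hours to try every candidate of every mask at a given rate."""
    return sum(keyspace(m) for m in masks) / candidates_per_second / 3600

if __name__ == "__main__":
    # Known prefix plus one, two or three unknown lower-case characters,
    # mirroring the three rule lines in the quoted message.
    masks = ["password" + "?l" * n for n in (1, 2, 3)]
    for m in masks:
        print(m, keyspace(m))
    rate = 100  # constructed rate, candidates per second
    print(f"{hours_to_exhaust(masks, rate):.3f} hours at {rate} c/s")
```
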
