Message-ID: <507ca8b2d324b0991caf51d18ae094ac@smtp.hushmail.com>
Date: Wed, 17 Sep 2014 00:58:29 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: attacking RC2 40-bit S/MIME encrypted emails

On 2014-09-17 00:00, magnum wrote:
> On 2014-09-16 22:44, augustin wrote:
>>>> long time ago, Bruce Schneier published a tool for Windows 95 to
>>>> attack S/MIME encrypted emails that use RC2 for encryption with
>>>> 40bit long keys.
>>>>
>>>> https://www.schneier.com/smime.html
>>>>
>>>> code: https://www.schneier.com/smime-download.html
>>>>
>>>> I had a look at john formats but did not find anything related.
>>>> Does john support that type of encryption or will it be supported
>>>> in the future?
>>>
>>> It doesn't, and I doubt anyone was planning to write it. Is RC2/40
>>> still used at all anywhere?
>>
>> 'openssl smime -encrypt' uses RC2/40 by default according to
>> documentation.
>>
>> fedora 20 (openssl-1.0.1e-39)/ubuntu 14.04/rhel 6.4:
>> man smime: "If not specified 40 bit RC2 is used."
>>
>> so an implementation would probably still be useful these days.
>
> Cool. Someone should do this.

It now hits me this is out of scope for JtR itself. What JtR does is
always based on trying human-like passwords. But this "format" would be
a key brute-forcer with no input. For the same reason, we haven't
implemented an RC4/40 brute-forcer for old Office documents.

However, even if Solar doesn't want these "in" Jumbo, I'm willing to
include them either "with" Jumbo (as stand-alone programs in the Jumbo
source tree), or simply as a separate repo if Solar persists.

As Atom recently wrote on Hashcat forum, you can sometimes marry RC4-BF
with actual password search:
http://hashcat.net/forum/thread-3665.html

magnum
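
Added example (not part of the original message, and not JtR or OpenSSL code): a way to audit stored S/MIME payloads for the RC2/40 default discussed in the thread, by locating rc2-cbc AlgorithmIdentifiers and decoding their effective key size per RFC 2268. It assumes a DER blob with definite lengths and single-byte tags; the function names and the sample structures are constructed for illustration.

```python
RC2_CBC_OID = bytes.fromhex("2a864886f70d0302")   # 1.2.840.113549.3.2 rc2-cbc
RC2_VERSION_BITS = {160: 40, 120: 64, 58: 128}    # RFC 2268, section 6

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length == 0x80:
        raise ValueError("indefinite length (BER) not handled; re-encode as DER")
    if length & 0x80:                              # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, pos, pos + length

def children(buf, start, end):
    while start < end:
        tag, vs, ve = read_tlv(buf, start)
        yield tag, vs, ve
        start = ve

def rc2_key_bits(buf, start=0, end=None):
    """List effective key bits of every rc2-cbc AlgorithmIdentifier found."""
    found = []
    for tag, vs, ve in children(buf, start, len(buf) if end is None else end):
        if not tag & 0x20:                         # primitive: nothing inside
            continue
        kids = list(children(buf, vs, ve))
        if (tag == 0x30 and len(kids) == 2 and kids[0][0] == 0x06
                and buf[kids[0][1]:kids[0][2]] == RC2_CBC_OID):
            ptag, ps, pe = kids[1]
            if ptag == 0x30:                       # SEQUENCE { version, iv }
                _, i0, i1 = next(children(buf, ps, pe))
                v = int.from_bytes(buf[i0:i1], "big")
                # versions >= 256 are the bit count itself; unknown -> None
                found.append(RC2_VERSION_BITS.get(v, v if v >= 256 else None))
            else:                                  # bare IV: RFC 2268 default
                found.append(32)
        else:
            found += rc2_key_bits(buf, vs, ve)
    return found

def tlv(tag, value):                               # sample builder, short lengths only
    return bytes([tag, len(value)]) + value

def sample(alg_oid, params):                       # constructed EncryptedContentInfo
    alg = tlv(0x30, tlv(0x06, alg_oid) + params)
    return tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010701")) + alg
               + tlv(0x80, bytes(16)))

RC2_40 = sample(RC2_CBC_OID, tlv(0x30, tlv(0x02, b"\x00\xa0") + tlv(0x04, bytes(8))))
AES_256 = sample(bytes.fromhex("60864801650304012a"), tlv(0x04, bytes(16)))
```

A non-empty result containing 40 (or 32) marks a message worth re-encrypting with a modern cipher, for example by passing an explicit AES option to 'openssl smime -encrypt' instead of relying on the default.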