john-users - Cracking Android KeyStore files using JtR

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [day] [month] [year] [list]

Message-ID: <CANO7a6xY-GnP1rqTeAn+Yd-uueyeu4XzJCKUR=-6JdNE=Tkqww@mail.gmail.com>
Date: Sun, 7 Jun 2015 18:26:45 +0200
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Cracking Android KeyStore files using JtR

Hi,

Here are the steps to crack Android KeyStore files using JtR.

1. Run keystore2john.py on .jks file(s).

E.g. $ ../run/keystore2john.py <name>.jks > hash

2. Run john on the output of keystore2john.py utility.

E.g. $ ../run/john hash

3. Wait for the password to get cracked.

$ ../run/john --format=keystore --test  # i3-4005U
Will run 2 OpenMP threads
Benchmarking: keystore, Java KeyStore [SHA1 32/64]...
Raw: 313344 c/s real, 156672 c/s virtual

In comparison, AndroidKeystoreBrute_v1.06.jar does around 46,000 tries
per second. Sample KeyStore files for testing can be downloaded from
the http://openwall.info/wiki/john/sample-non-hashes#KeyStore page.

http://maxcamillo.github.io/android-keystore-password-recover/ is the
project from which the AndroidKeystoreBrute_v1.06.jar file originates.

-- 
Dhiru

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.