Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <f7dffc91-abbf-900f-c734-77f52a773432@tin.it>
Date: Fri, 20 Aug 2021 11:36:59 +0200
From: Harlock <harlock8@....it>
To: john-users@...ts.openwall.com
Subject: Re: is it possible to run jumbo john 1.9 on multiple
 windows machines?

On 8/20/21 3:45 AM, Rich Rumble wrote:
> The bitlocker you are trying to recover, isn't likely to be recovered
> soon... The use-case for JtR is likely the "BitLocker To Go" scenario,
> where a user puts in a password to protect a Thumb Drive /USB Drive. I
> believe BL keys are 48 digits, which is a LOT, even if the keyspace is 0-9.
> You may be better served looking at M$'s site:
> https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan
> Again if your drive is using TPM and or some Key you don't have a back up
> of or access too... I don't think you'll crack 48 digits anytime soon.
> At just 16 digits, that's a key space of 36587558241570175048828125000000,
> and if you get let's say 6.8M hashes per second, times 86400 seconds in a
> day...
> 36587558241570175048828125000000 / (6800000 * 86400)
> equals... a lot. Your key is not likely 99999-99999-999999 etc... but even
> brute-forcing at 16 pure digits at the speeds advertised on bitcracker
> https://github.com/e-ago/bitcracker#performance makes it seem pretty slim.
> You may want to contact that developer and see if they have any tips? They
> helped create the format for JtR, I am not sure they are on the John User's
> list.
>
> On Thu, Aug 19, 2021 at 8:45 PM Harlock <harlock8@....it> wrote:
>
>> On 8/19/21 1:12 PM, Rich Rumble wrote:
>>> If you're running a jumbo version of JtR you should have the option to
>> run
>>> node and or fork, but I can't say if those work with GPU cracking.
>>> https://www.openwall.com/john/doc/OPTIONS.shtml
>>> Looks like Fork will work with OpenCL
>>> https://www.openwall.com/lists/john-users/2013/09/08/1
>>> Have a look at JtR's other documentation on parrallelization:
>>>
>> https://openwall.info/wiki/john/parallelization#Built-in-MPI-parallelization-support
>>> To use John's OpenMP support, you need to either use an existing
>>> OpenMP-enabled build (e.g., "john-omp.exe" on Windows)
>>> https://www.openwall.com/john/doc/FAQ.shtml (distributed processing)
>>> -rich
>>>
>>> On Wed, Aug 18, 2021 at 8:36 AM Harlock <harlock8@....it> wrote:
>>>
>>>> Hi all,
>>>>
>>>> I 'm actually running this task on windows:
>>>>
>>>> john.exe --format=bitlocker-opencl
>>>>
>> --mask=?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d[-]?d?d?d?d?d?d
>>>> hash_to_crack.txt
>>>>
>>>> I read about the --node option and I was wondering if I can split the
>>>> work among multiple machines, if yes, can you please support me to
>>>> configure the process?
>>>>
>>>> Thanks in advance for the support
>>>>
>>>>
>>> Hi Rich,
>>>
>>> thanks for your reply, I've seen a tutorial for Linux about it:
>>>
>>>
>> https://countuponsecurity.com/2015/05/07/step-by-step-clustering-john-the-ripper-on-kali/comment-page-1/?unapproved=31054&moderation-hash=1bb2f13bba181b1b653e64473da8c3c0#comment-31054
>>> I'm wondering if I can use this one as start for the configuration of
>> the openmp side.
>>> also according to Magnum that reply me too, it seems this crack is
>> pointless as it cannot be done in a "human" time, I'm wondering if there is
>> another way to sort my issue that is basically this one:
>>>
>> https://www.dell.com/community/Windows-10/BitLocker-need-a-key-but-I-never-installed-it/td-p/6019486
>>> I've already tried all of the suggestions inside but none of them are
>> working
>>> Regards
>>
>>
Hi Rich,

thanks for your suggestions, I will try to contacht the bitcracker 
author to understand if can provide me some good trick too.

As this laptop is from a friend of mine and he asked too a recovery data 
company to know if it's possible to access is date, they can do it for 
1000€ so I'm wondering what kind of attack they gonna use on this 
bitlocker drive, do you have any idea?

Regards

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.