Solve a riddle, guess a 4 char password and add 10 BTC to your xmas... SOLVED!! - page 10.

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 05:36:50 AM

No, that's what I ment with dictionary mode.

I did a new run and got

Code:

./john --wordlist=dict1.txt jtr.private.hash

and got

Code:

guesses: 0  time: 0:00:23:34 DONE (Wed Dec 26 10:30:52 2012)  c/s: 10446

damn! so u create a wordlist with the sha256sums too and the jtr.private.hash is made from gpg2john right? i dont get it why ur somuch faster :S

flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 sse4_2 popcnt aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid
kernel: 3.0.0

phr33

full member

Activity: 226

Merit: 100

What OS do you run? Maybe you don't get all the correct CPU flags?

I get:

Code:

$ cat /proc/cpuinfo  | grep flags
flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid

You could try building with this

Code:

make linux-x86-64-avx

phr33

full member

Activity: 226

Merit: 100

No, that's what I ment with dictionary mode.

I did a new run and got

Code:

./john --wordlist=dict1.txt jtr.private.hash

and got

Code:

guesses: 0  time: 0:00:23:34 DONE (Wed Dec 26 10:30:52 2012)  c/s: 10446

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 05:32:15 AM

Quote from: K1773R on December 26, 2012, 05:29:54 AM

Quote from: phr33 on December 26, 2012, 05:27:08 AM

Quote from: K1773R on December 26, 2012, 05:18:33 AM

what kind of CPU are you using for 10200h/s? which clock?

That's a good 'ol i5 2500k @ stock clock. I compiled jtr with 'make linux-x86-64-native'.

In some of my later runs I saw the speed drop to ~10'000. Not sure if the 10'200 was a glitch or my box just was a bit more busy with other crap during the later run. But the whole key space took about 22 minutes so the speed is there somewhere.

r u sure u get 10k? i got a 2700k OC at 5GHz, and i only get 7500! compiled the same way lol

Oh my. Well yes I'm pretty sure. An obviously I use dictionary mode to cope with the custom key derivation function...

i use a previously generated wordlist (generated by a tool i wrote), how r u using the dictionary mode?

phr33

full member

Activity: 226

Merit: 100

Quote from: K1773R on December 26, 2012, 05:29:54 AM

Quote from: phr33 on December 26, 2012, 05:27:08 AM

Quote from: K1773R on December 26, 2012, 05:18:33 AM

what kind of CPU are you using for 10200h/s? which clock?

That's a good 'ol i5 2500k @ stock clock. I compiled jtr with 'make linux-x86-64-native'.

In some of my later runs I saw the speed drop to ~10'000. Not sure if the 10'200 was a glitch or my box just was a bit more busy with other crap during the later run. But the whole key space took about 22 minutes so the speed is there somewhere.

r u sure u get 10k? i got a 2700k OC at 5GHz, and i only get 7500! compiled the same way lol

Oh my. Well yes I'm pretty sure. An obviously I use dictionary mode to cope with the custom key derivation function...

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 05:27:08 AM

Quote from: K1773R on December 26, 2012, 05:18:33 AM

what kind of CPU are you using for 10200h/s? which clock?

That's a good 'ol i5 2500k @ stock clock. I compiled jtr with 'make linux-x86-64-native'.

In some of my later runs I saw the speed drop to ~10'000. Not sure if the 10'200 was a glitch or my box just was a bit more busy with other crap during the later run. But the whole key space took about 22 minutes so the speed is there somewhere.

r u sure u get 10k? i got a 2700k OC at 5GHz, and i only get 7500! compiled the same way lol

phr33

full member

Activity: 226

Merit: 100

Quote from: K1773R on December 26, 2012, 05:18:33 AM

what kind of CPU are you using for 10200h/s? which clock?

That's a good 'ol i5 2500k @ stock clock. I compiled jtr with 'make linux-x86-64-native'.

In some of my later runs I saw the speed drop to ~10'000. Not sure if the 10'200 was a glitch or my box just was a bit more busy with other crap during the later run. But the whole key space took about 22 minutes so the speed is there somewhere.

::EDIT
62^4 / 10'200 = 1448 s = 24.1 minutes
62^4 / 10'000 = 1478 s = 24.6 minutes

So acctually the average speed must have been like 11'100 /s

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 05:08:48 AM

Wow, didn't realize we are at 97 confirms already! I guess I'll be home when we hit 100 and will give my scripts a go if we get "a really good hint".

what kind of CPU are you using for 10200h/s? which clock?

phr33

full member

Activity: 226

Merit: 100

Wow, didn't realize we are at 97 confirms already! I guess I'll be home when we hit 100 and will give my scripts a go if we get "a really good hint".

phr33

full member

Activity: 226

Merit: 100

Quote from: K1773R on December 26, 2012, 04:39:03 AM

the salt is what we have to "crack" unlike otherwise the pw Tongue

Yes - we are lucky that it's not that hashing or encryption algo that is the target!

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 04:34:32 AM

Quote from: CIYAM on December 26, 2012, 04:26:51 AM

Quote from: cedivad on December 26, 2012, 04:19:05 AM

...but how did he encrypt the private key?

The GPG private key was of course encrypted by GPG itself (using standard settings) with a password that is actually an SHA256 hash (as hex) - the script shown in the OP was what I used to convert a 4 character password into the hash (with the key point that I modified a line of the script that adds "salt" to the weak password to strengthen it before hashing).

I'm sure you are all aware, I just like to point out that the security of any real crypto system never should rely on the secrecy of the salt or key derivation function. It should be based on the secret key only. But in this game we know that this secret key is weak and the main problem is the unknown parts of the key derivation function a.k.a. security by obscurity.

So in a cryptographic sense the salt does not add any strength.

the salt is what we have to "crack" unlike otherwise the pw Tongue

phr33

full member

Activity: 226

Merit: 100

Quote from: CIYAM on December 26, 2012, 04:26:51 AM

Quote from: cedivad on December 26, 2012, 04:19:05 AM

...but how did he encrypt the private key?

The GPG private key was of course encrypted by GPG itself (using standard settings) with a password that is actually an SHA256 hash (as hex) - the script shown in the OP was what I used to convert a 4 character password into the hash (with the key point that I modified a line of the script that adds "salt" to the weak password to strengthen it before hashing).

I'm sure you are all aware, I just like to point out that the security of any real crypto system never should rely on the secrecy of the salt or key derivation function. It should be based on the secret key only. But in this game we know that this secret key is weak and the main problem is the unknown parts of the key derivation function a.k.a. security by obscurity.

So in a cryptographic sense the salt does not add any strength.

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 04:19:26 AM

Quote from: BkkCoins on December 26, 2012, 03:56:29 AM

edit: Found. nice. even supports GPUs, will test that now...

Nice! I blame myself for not keeping at least on GPU to play with opencl with. Just out of curiosity, could you post the speeds you get with a GPU cracking GPG?

Just let me know if you need any help with building etc.

Thanks!

john supports OpenCL and CUDA, altough only some hashalgos/implementations, GPG not (as far ive read) yet.

CIYAM

legendary

Activity: 1890

Merit: 1078

Ian Knowles - CIYAM Lead Developer

Quote from: cedivad on December 26, 2012, 04:19:05 AM

...but how did he encrypt the private key?

The GPG private key was of course encrypted by GPG itself (using standard settings) with a password that is actually an SHA256 hash (as hex) - the script shown in the OP was what I used to convert a 4 character password into the hash (with the key point that I modified a line of the script that adds "salt" to the weak password to strengthen it before hashing).

I have put the script into a "code block" in order to make the OP clearer (the script itself was unchanged from that in the original OP version).

phr33

full member

Activity: 226

Merit: 100

Quote from: BkkCoins on December 26, 2012, 03:56:29 AM

edit: Found. nice. even supports GPUs, will test that now...

Nice! I blame myself for not keeping at least on GPU to play with opencl with. Just out of curiosity, could you post the speeds you get with a GPU cracking GPG?

Just let me know if you need any help with building etc.

Thanks!

cedivad

legendary

Activity: 1176

Merit: 1001

I would like to get into this but i'm GPG ignorant to the point that i dont ven know what command to launch to verify if a guessed password will open it. I think to have understood that he used the private key he posted to encrypt the secret, but how did he encrypt the private key?
:/

phr33

full member

Activity: 226

Merit: 100

Quote from: K1773R on December 26, 2012, 03:46:13 AM

Quote from: phr33 on December 26, 2012, 03:36:55 AM

Quote from: K1773R on December 26, 2012, 03:31:45 AM

care to share jtr for GPG?

Google is your friend!

But, what the h-ll... It's Christmas, right?
http://www.ubuntuvibes.com/2012/10/recover-your-gpg-passphrase-using-john.html

i didnt google to be honest as i asked for what solution hes using, well i guess its going to be the same. ty anyways

Yep - That's what I'm using

BkkCoins

hero member

Activity: 784

Merit: 1009

firstbits:1MinerQ

Well, it is Xmas and I doubt I'm going to see this thru to the end anyway - so here's my Xmas gift...

( I tried to give the clue nasty before above!)

See nasty for C code to adapt below. If I decide not to bother then I'll give up my enhancements to nasty to let others play. I've added code to do the salt pattern and hashing and allow selecting a gpg key when it's not the default one on the keyring. I may alter it to support multiple threads if it proves not too hard, or perhaps a start pwd value so I can split it onto multiple machines each doing some range.

http://www.vanheusden.com/nasty/

(Note he states this could be 100x faster if done differently. I gather he's talking about using underlying decrypt code and testing per byte so it can be cut short sooner. But I have not looked into that.)

I guess I should be looking for jtr as well.

edit: Found. nice. even supports GPUs, will test that now...

K1773R

legendary

Activity: 1792

Merit: 1008

/dev/null

Quote from: phr33 on December 26, 2012, 03:36:55 AM

Quote from: K1773R on December 26, 2012, 03:31:45 AM

care to share jtr for GPG?

Google is your friend!

But, what the h-ll... It's Christmas, right?
http://www.ubuntuvibes.com/2012/10/recover-your-gpg-passphrase-using-john.html

i didnt google to be honest as i asked for what solution hes using, well i guess its going to be the same. ty anyways

phr33

full member

Activity: 226

Merit: 100

Quote from: K1773R on December 26, 2012, 03:31:45 AM

care to share jtr for GPG?

Google is your friend!

But, what the h-ll... It's Christmas, right?
http://www.ubuntuvibes.com/2012/10/recover-your-gpg-passphrase-using-john.html

Topic: Solve a riddle, guess a 4 char password and add 10 BTC to your xmas... SOLVED!! - page 10. (Read 13586 times)