06-29-2012, 02:26 PM
Pages: 1 2
06-29-2012, 03:33 PM
Sample pfx which I am using: https://openwall.info/wiki/_media/john/PKCS-12.zip
06-29-2012, 04:47 PM
I checked the speed of Elcomsoft Distributed Password Recovery and it is 1831 for openwall.pfx file. My JtR
plug-in is faster than EDPR.
@aestu: do report back your speeds with openwall.pfx. I tried running it myself and it does *not* seem to be faster than my JtR plug-in.
@original poster: did you actually try running Elcomsoft Distributed Password Recovery on your pfx file? If yes, what speeds were you getting.
plug-in is faster than EDPR.
@aestu: do report back your speeds with openwall.pfx. I tried running it myself and it does *not* seem to be faster than my JtR plug-in.
@original poster: did you actually try running Elcomsoft Distributed Password Recovery on your pfx file? If yes, what speeds were you getting.
06-30-2012, 12:03 PM
(06-29-2012, 04:47 PM)halfie Wrote: [ -> ]I checked the speed of Elcomsoft Distributed Password Recovery and it is 1831 for openwall.pfx file. My JtR
plug-in is faster than EDPR.
@aestu: do report back your speeds with openwall.pfx. I tried running it myself and it does seem to be faster than my JtR plug-in.
Did your plugin support threads?
Definitely, performance depends on the PKCS#12 file. I tested with openwall.pfx and performance is 6175 per second:
Code:
> time ./crackpkcs12 -b -c a -m 4 -M 4 ~/PKCS#12/openwall.pfx
Brute force attack - Starting 4 threads
Min length: 4
Max length: 4
Use -m and -M flags to modify these values.
Brute force attack - Thread 1 - Starting with 4 characters passwords
Brute force attack - Thread 2 - Starting with 4 characters passwords
Brute force attack - Thread 3 - Starting with 4 characters passwords
Brute force attack - Thread 4 - Starting with 4 characters passwords
Brute force attack - Exhausted search
No password found
real 1m14.410s
user 4m23.976s
sys 0m0.032sSince we are using a 26 letters alphabet we try 26*26*26*26~=457000 passwords. 457000/74 second ~= 6175 passwords per second.
I can achive a better performance cracking another .p12 file that I exported from an older version of Firefox. It is revoked but I can't attach it here because it is a personal certificate with my name, surname, etc... I will try to get a similar PKCS#12 sample file to attach here.
06-30-2012, 03:35 PM
Yes, My JtR plug-in supports multicore too (using OpenMP) though I haven't tested it much. 6175 p/s on a 4-core machine sounds right for openwall.pfx file. I get double the speeds on a pfx file generated with keytool utility.
07-01-2012, 03:18 AM
(06-30-2012, 03:35 PM)halfie Wrote: [ -> ]Yes, My JtR plug-in supports multicore too (using OpenMP) though I haven't tested it much. 6175 p/s on a 4-core machine sounds right for openwall.pfx file. I get double the speeds on a pfx file generated with keytool utility.
Finally, I got an example of PKCS#12 file to show you the better performace. I created it by exporting certificate from an old version of Firefox (version 3). I'm showing you performance in a two cores machine (not the previous posts 4 cores machine)
Code:
> cat /proc/cpuinfo
[ ... ]
model name : Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz
[ ... ]
> time ./crackpkcs12 -d ~/dict.txt ~/usr0052-exportado_desde_firefox_3.p12
Dictionary attack - Starting 2 threads
Dictionary attack - Exhausted search
Dictionary attack - Exhausted search
No password found
real 0m2.560s
user 0m4.504s
sys 0m0.036s
> wc -l ~/cuatruple-largo-dict.txt
400000 /home/xxxxxxx/dict.txt400K / 2.5 seconds = 160K/s in a two cores old machine
aestu
07-01-2012, 09:38 AM
$ ../run/john hash # Single-core results.
Loaded 1 password hash (pfx [32/64])
guesses: 0 time: 0:00:00:08 0.00% (3) c/s: 95412 trying: crxee
guesses: 0 time: 0:00:00:23 0.00% (3) c/s: 103019 trying: 0378905
guesses: 0 time: 0:00:00:28 0.00% (3) c/s: 103940 trying: my1dvy
guesses: 0 time: 0:00:08:17 0.00% (3) c/s: 108602 trying: ge18cl
$ ../run/john hash # AMD X3 720 (triple core)
Loaded 1 password hash (pfx [32/64])
guesses: 0 time: 0:00:00:32 0.00% (3) c/s: 255815 trying: tshwgg - tsapli
guesses: 0 time: 0:00:00:34 0.00% (3) c/s: 256920 trying: amphc - adld3
guesses: 0 time: 0:00:01:04 0.00% (3) c/s: 262909 trying: thanid - thunct
@aestu: :-), high speeds finally. Thanks for the sample certificate.
Loaded 1 password hash (pfx [32/64])
guesses: 0 time: 0:00:00:08 0.00% (3) c/s: 95412 trying: crxee
guesses: 0 time: 0:00:00:23 0.00% (3) c/s: 103019 trying: 0378905
guesses: 0 time: 0:00:00:28 0.00% (3) c/s: 103940 trying: my1dvy
guesses: 0 time: 0:00:08:17 0.00% (3) c/s: 108602 trying: ge18cl
$ ../run/john hash # AMD X3 720 (triple core)
Loaded 1 password hash (pfx [32/64])
guesses: 0 time: 0:00:00:32 0.00% (3) c/s: 255815 trying: tshwgg - tsapli
guesses: 0 time: 0:00:00:34 0.00% (3) c/s: 256920 trying: amphc - adld3
guesses: 0 time: 0:00:01:04 0.00% (3) c/s: 262909 trying: thanid - thunct
@aestu: :-), high speeds finally. Thanks for the sample certificate.
12-21-2012, 02:00 AM
I need instructions for how to crack a password in windows for a pfx certificate to desencrypt my files because i have formatted my pc and i have files encrypted, y only have de .pfx wich i forgot the password, help please im new in this
Pages: 1 2