Please note, this is a STATIC archive of website hashcat.net from 08 Oct 2020, cach3.com does not collect or store any user information, there is no "phishing" involved.

hashcat Forum

Full Version: Cracking a p12 PFX certificate
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2
Hello!

My friend forgot his password for a .p12 certificate file. I can't find a good program for cracking it except for Elcomsoft distributed password recovery, which cracks at speed 500k/s, which is not enough for me.

Do you know of a program that can utilise a GPU for .p12 perhaps?

Thank you!
Elcomsoft distributed password already uses GPU, no ?
(06-27-2012, 08:26 PM)Mem5 Wrote: [ -> ]Elcomsoft distributed password already uses GPU, no ?

Not for this algorithm.
Sorry. I have a better solution..

I am going to assume you have already imported the certificate on a machine and now want to import it elsewhere but have forgotten the pwd.

a) On windows export the certificate with the certificate snap-in through MMC (will work if certificate has not been marked as non-exportable)
b) On mac export the certificate through the keychain ? or just clone the keychain across

Will save you time cracking it.

Just saying...
(06-27-2012, 08:33 PM)fizikalac Wrote: [ -> ]
(06-27-2012, 08:26 PM)Mem5 Wrote: [ -> ]Elcomsoft distributed password already uses GPU, no ?

Not for this algorithm.

I wrote a program to crack PKCS#12 files some time ago: crackpkcs12.

It doesn't support GPU but it's multithreaded so you can get more than 500k/s if you have a modern CPU. Try it:

https://sourceforge.net/projects/crackpkcs12/

It's written in C and is tested on GNU/Linux

Aestu
@aestu: OpenSSL is not thread safe (especially its error handling part) unless some callbacks have been implemented.

See https://curl.haxx.se/libcurl/c/threaded-ssl.html. How much speed are you getting with your cracker?
I implemented support for cracking PKCS #12 files in JtR (based on aestu's program).

$ ../run/john -format=pfx -t
Benchmarking: pfx [32/32]... DONE
Raw: 2121 c/s real, 2121 c/s virtual

How does Elcomsoft distributed password recovery (which cracks at speed 500k/s) achieve those nice speeds?
(06-29-2012, 08:34 AM)halfie Wrote: [ -> ]@aestu: OpenSSL is not thread safe (especially its error handling part) unless some callbacks have been implemented.

See https://curl.haxx.se/libcurl/c/threaded-ssl.html. How much speed are you getting with your cracker?

crackpkcs12 use openssl into two steps:

1.- Every thread loads its own pkcs#12 struct from file
2.- Check passwords

Step 1: I avoid concurrency by using a mutex.
Step 2: Every thread has its own struct and there is no concurrency problems

You can check crackpkcs12 works.

Regarding speed, I achieve 260k/s using brute force and this CPU (not a cutting edge one):

Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz

aestu

(06-29-2012, 11:14 AM)halfie Wrote: [ -> ]I implemented support for cracking PKCS #12 files in JtR (based on aestu's program).

$ ../run/john -format=pfx -t
Benchmarking: pfx [32/32]... DONE
Raw: 2121 c/s real, 2121 c/s virtual

How does Elcomsoft distributed password recovery (which cracks at speed 500k/s) achieve those nice speeds?

Could I see your code? Is there a public repository?

Thanks,

aestu
aestu: are you sure about the speeds you are getting? I am getting very low speeds (2K/s).

Can you take a look at https://github.com/magnumripper/magnum-j.../pfx_fmt.c
and see if anything is wrong?
(06-29-2012, 11:29 AM)halfie Wrote: [ -> ]aestu: are you sure about the speeds you are getting? I am getting very low speeds (2K/s).

Can you take a look at https://github.com/magnumripper/magnum-j.../pfx_fmt.c
and see if anything is wrong?

The problem could be the PKCS#12 sample file you are using. How did you get it?

If you exported it from Internet Explorer having "Secure protection" enabled, openssl functions performance falls a lot. I don't know whether it is the case with "Elcomsoft distributed password recovery" or not.

aestu
Pages: 1 2