+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Misc (https://hashcat.net/forum/forum-15.html)
+--- Forum: General Talk (https://hashcat.net/forum/forum-33.html)
+--- Thread: Cracking a p12 PFX certificate (/thread-1337.html)
Pages:
1
2
Cracking a p12 PFX certificate - fizikalac - 06-27-2012
Hello!
My friend forgot his password for a .p12 certificate file. I can't find a good program for cracking it except for Elcomsoft distributed password recovery, which cracks at speed 500k/s, which is not enough for me.
Do you know of a program that can utilise a GPU for .p12 perhaps?
Thank you!
RE: Cracking a p12 PFX certificate - Mem5 - 06-27-2012
Elcomsoft distributed password already uses GPU, no ?
RE: Cracking a p12 PFX certificate - fizikalac - 06-27-2012
(06-27-2012, 08:26 PM)Mem5 Wrote: Elcomsoft distributed password already uses GPU, no ?
Not for this algorithm.
RE: Cracking a p12 PFX certificate - blazer - 06-28-2012
Sorry. I have a better solution..
I am going to assume you have already imported the certificate on a machine and now want to import it elsewhere but have forgotten the pwd.
a) On windows export the certificate with the certificate snap-in through MMC (will work if certificate has not been marked as non-exportable)
b) On mac export the certificate through the keychain ? or just clone the keychain across
Will save you time cracking it.
Just saying...
RE: Cracking a p12 PFX certificate - aestu - 06-29-2012
(06-27-2012, 08:33 PM)fizikalac Wrote:(06-27-2012, 08:26 PM)Mem5 Wrote: Elcomsoft distributed password already uses GPU, no ?
Not for this algorithm.
I wrote a program to crack PKCS#12 files some time ago: crackpkcs12.
It doesn't support GPU but it's multithreaded so you can get more than 500k/s if you have a modern CPU. Try it:
http://sourceforge.net/projects/crackpkcs12/
It's written in C and is tested on GNU/Linux
Aestu
RE: Cracking a p12 PFX certificate - halfie - 06-29-2012
@aestu: OpenSSL is not thread safe (especially its error handling part) unless some callbacks have been implemented.
See http://curl.haxx.se/libcurl/c/threaded-ssl.html. How much speed are you getting with your cracker?
RE: Cracking a p12 PFX certificate - halfie - 06-29-2012
I implemented support for cracking PKCS #12 files in JtR (based on aestu's program).
$ ../run/john -format=pfx -t
Benchmarking: pfx [32/32]... DONE
Raw: 2121 c/s real, 2121 c/s virtual
How does Elcomsoft distributed password recovery (which cracks at speed 500k/s) achieve those nice speeds?
RE: Cracking a p12 PFX certificate - aestu - 06-29-2012
(06-29-2012, 08:34 AM)halfie Wrote: @aestu: OpenSSL is not thread safe (especially its error handling part) unless some callbacks have been implemented.
See http://curl.haxx.se/libcurl/c/threaded-ssl.html. How much speed are you getting with your cracker?
crackpkcs12 use openssl into two steps:
1.- Every thread loads its own pkcs#12 struct from file
2.- Check passwords
Step 1: I avoid concurrency by using a mutex.
Step 2: Every thread has its own struct and there is no concurrency problems
You can check crackpkcs12 works.
Regarding speed, I achieve 260k/s using brute force and this CPU (not a cutting edge one):
Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
aestu
(06-29-2012, 11:14 AM)halfie Wrote: I implemented support for cracking PKCS #12 files in JtR (based on aestu's program).
$ ../run/john -format=pfx -t
Benchmarking: pfx [32/32]... DONE
Raw: 2121 c/s real, 2121 c/s virtual
How does Elcomsoft distributed password recovery (which cracks at speed 500k/s) achieve those nice speeds?
Could I see your code? Is there a public repository?
Thanks,
aestu
RE: Cracking a p12 PFX certificate - halfie - 06-29-2012
aestu: are you sure about the speeds you are getting? I am getting very low speeds (2K/s).
Can you take a look at https://github.com/magnumripper/magnum-jumbo/blob/bleeding-jumbo/src/pfx_fmt.c
and see if anything is wrong?
RE: Cracking a p12 PFX certificate - aestu - 06-29-2012
(06-29-2012, 11:29 AM)halfie Wrote: aestu: are you sure about the speeds you are getting? I am getting very low speeds (2K/s).
Can you take a look at https://github.com/magnumripper/magnum-jumbo/blob/bleeding-jumbo/src/pfx_fmt.c
and see if anything is wrong?
The problem could be the PKCS#12 sample file you are using. How did you get it?
If you exported it from Internet Explorer having "Secure protection" enabled, openssl functions performance falls a lot. I don't know whether it is the case with "Elcomsoft distributed password recovery" or not.
aestu