Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added support for EC SSH keys encrypted with AES-256-CBC #5642

Open
wants to merge 2 commits into
base: bleeding-jumbo
Choose a base branch
from
Open

Added support for EC SSH keys encrypted with AES-256-CBC #5642

wants to merge 2 commits into from

Conversation

peshev
Copy link

@peshev peshev commented Dec 29, 2024

No description provided.

magnumripper
magnumripper reviewed Dec 30, 2024
View reviewed changes
Copy link
Member

@magnumripper magnumripper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we enable some of the commented-out test vectors (nicked from hashcat in #5633) with these changes? If so, I suggest you do so as well. Thanks!

@solardiz
Copy link
Member

Thank you for the contribution @peshev!

@Nothing4You This PR reworks your addition from #5641 (why does it, @peshev?), you could want to test whether the "hash" produced by the script as revised here is still also usable with hashcat or not - and let us all know. Thank you!

@solardiz solardiz mentioned this pull request Dec 30, 2024
Open
@peshev
Copy link
Author

peshev commented Dec 30, 2024
edited
Loading

@solardiz The fact that both I and @Nothing4You submitted similar PRs in a short timespan is probably not a coincidence. I assume both of us were doing the same thing: a CTF-style challenge, part of 38C3 - TELNET-KLARTEXT-REDEN.

His PR allows the ssh2john.py script to produce hash files that work in hashcat - unfortunately they do not work in john.
My version introduces a new cipher type (7), and its implementation in the john code - unfortunately, the hasfile produced by the script doesn't work in hashcat, since hashcat doesn't have cipher type 7.

I'll do some further work on this, in order to allow the ssh2john.py script to produce files that work in both john and hashcat, and fix #5634

@solardiz
Copy link
Member

I'll do some further work on this, in order to allow the ssh2john.py script to produce files that work in both john and hashcat, and fix #5634

Thank you! Please also add a doc/NEWS entry summarizing these improvements.

@Nothing4You
Copy link
Contributor

@solardiz The fact that both I and @Nothing4You submitted similar PRs in a short timespan is probably not a coincidence. I assume both of us were doing the same thing: a CTF-style challenge, part of 38C3 - TELNET-KLARTEXT-REDEN.

This was indeed what prompted me to PR this :)

I'm not sure though why this would need to introduce a new hash type rather than making $5$ work with John?
Especially as that is already working with Hashcat, that seems to be the more sensible change, unless there is some fundamental difference in implementations that would prevent this?

@magnumripper
Copy link
Member

I'm not sure though why this would need to introduce a new hash type rather than making $5$ work with John?
Especially as that is already working with Hashcat, that seems to be the more sensible change, unless there is some fundamental difference in implementations that would prevent this?

Right, we definitely want hashcat and john use the same input "hash" format if at all possible. For brand new formats to both, we normally seek consensus on the format beforehand nowadays.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@magnumripper magnumripper magnumripper left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@peshev @solardiz @Nothing4You @magnumripper