$ cd JohnTheRipper/src $ ./configure && make -s clean && make -sj4 $ cd ../run $ ./john | head -1 John the Ripper 1.9.0-jumbo-1-bleeding-dbbceb5d1 2019-05-06 23:06:39 +0200 OMP [linux-gnu 64-bit x86_64 AVX AC]
ed25519key $ ./ssh2john.py ed25519key > ed25519key.hash $ ./john --format=SSH --wordlist=../../SecLists/Passwords/darkweb2017-top10.txt ./ed25519key.hash $ ./john --show ./ed25519key.hash Note: This format may emit false positives, so it will keep trying even after finding a possible candidate. 0 password hashes cracked, 1 left $ grep ^123456$ ../../SecLists/Passwords/darkweb2017-top10.txt 123456 うまくいかない? バグ? ssh2john and john unable to brute-force password · Issue #4069 · magnumripper/JohnTheRipper
version '40000' is currently not supported! KDBX 3.1はうまくいく $ ./keepass2john ~/tmp/password.kdbx > keepassxc3.1.hash $ ./john --wordlist=../../SecLists/Passwords/darkweb2017-top10.txt ./keepassxc3.1.hash Warning: detected hash type "KeePass", but the string is also recognized as "KeePass-opencl" Use the "--format=KeePass-opencl" option to force loading these as that type instead Using default input encoding: UTF-8 Loaded 1 password hash (KeePass [SHA256 AES 32/64]) Cost 1 (iteration count) is 7448433 for all loaded hashes Cost 2 (version) is 2 for all loaded hashes Cost 3 (algorithm [0=AES, 1=TwoFish, 2=ChaCha]) is 0 for all loaded hashes Will run 4 OpenMP threads Press 'q' or Ctrl-C to abort, almost any other key for status abc123 (password) 1g 0:00:00:23 DONE (2020-07-10 06:11) 0.04214g/s 0.4214p/s 0.4214c/s 0.4214C/s 123456..123123 Use the "--show" option to display all of the cracked passwords reliably Session completed.
$ ssh-keygen -p -f ./ed25519key Enter old passphrase:123456 Key has comment '[email protected]' Enter new passphrase (empty for no passphrase):ChriOs%Swis3 wx.E1YTgJDm6c Enter same passphrase again: ChriOs%Swis3 wx.E1YTgJDm6c Your identification has been saved with the new passphrase. SSH公開鍵認証 or パスフレーズ + OATH(TOTP/HOTP) のサーバはOATH必須にし ようかなとか KeepassXCやLUKSとかdist-upgraで引き継いでいてdb等が古くなっているので最 新にしたい(バックアップ,作成し直し,リストア)なとか