Help ssh2john

edited November 2019 in Tools
I took id_rsa and did that:
Ssh2john id_rsa > crack.txt

John wordlist(rockyou) crack.txt

But John don't display me the password im sure that the password is into rockyou...
Time to finish bruteforce : 2020...

LITTLE EDIT: i have created rsa_id with ssh-keygen to test john with little wordlist and john get in output with wrong password... (the password that i entered was password123)
Tagged:

Comments

  • edited November 2019

    we can discuss on PM.

    1nitiative

  • John should not try bruteforcing if you define a wordlist.

    Can you paste the exact commant to this post?

  • Type your comment> @cpc6128 said:
    > John should not try bruteforcing if you define a wordlist.
    >
    > Can you paste the exact commant to this post?

    john --wordlist=/usr/share/wordlists/rockyou.txt /root/crack.txt
  • I usually use the syntax john <hashfile> --wordlist=<wordlist>

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments). And remember to +respect me if I helped you ; )
  • Type your comment> @clubby789 said:
    > I usually use the syntax john <hashfile> --wordlist=<wordlist>

    The same thing happens...
  • Can you paste your ssh hash?

  • Or even better the id_rsa file

  • ssh2john id_rsa > crack
    john --format=SSH --wordlist=rockyou crack
    when it's done
    john crack --show

  • Type your comment> @crash0 said:
    > ssh2john id_rsa > crack
    > john --format=SSH --wordlist=rockyou crack
    > when it's done
    > john crack --show

    It don't work for me, john finish in 2020 lol, and if i interrupt the brute john - - show crack = 0 password found 1 hash left
  • > @cpc6128 said:
    > Or even better the id_rsa file

    Here id_rsa clean
    And id_rsa after ssh2john

    https://pastebin.com/z8bEWDDY
  • Thank you. I think the cracking issue is related to bcrypt.
    My VM is only doing 20-30 Hashes per Second!

    Where did you get this id_rsa file ?!?

  • Type your comment> @cpc6128 said:
    > Thank you. I think the cracking issue is related to bcrypt.
    > My VM is only doing 20-30 Hashes per Second!
    >
    > Where did you get this id_rsa file ?!?

    Ssh-keygen
    But the problem is with all id_rsa, for example box traverxec(rooted) i can't decode with ssh2jhn
  • Type your comment> @xVoid said:

    Ssh-keygen
    But the problem is with all id_rsa, for example box traverxec(rooted) i can't decode with ssh2jhn

    ssh2john converts the private key to a format that john can crack it. You output this as a file and then you run john on it

  • I have also root at traverxec. So just drop a message, if we should have a look at the problem.
  • Type your comment> @cpc6128 said:
    > I have also root at traverxec. So just drop a message, if we should have a look at the problem.
    I rooted too traverxec
    But the problem persist
  • Type your comment> @crash0 said:
    > Type your comment> @xVoid said:
    >
    > (Quote)
    > ssh2john converts the private key to a format that john can crack it. You output this as a file and then you run john on it

    I tryed too ssh2john id_rsa > crack(not txt)
  • can anyone help me on "couldn't parse file" error while coverting RSA key with ssh2john.py.

  • can you copy and paste the begin and the end from the rsa file?

    there is no place like 127.0.0.1
  • edited February 7

    Try this:
    john --wordlist=/usr/share/wordlists/rockyou.txt crack.txt

    Assuming your rockyou list is still in /usr/share/wordlists... otherwise include your file path

  • @Beast01 PM me if ur still having a problem

  • ty i got this

  • edited February 22

    Looking for mentorship!
    DM is willing to help with ssh2john thanks

  • Quick pointer: If you're using a current Kali VM, ssh2john is a python script located under /usr/share/john/ssh2john.py

    If you have the private SSH key you first need to generate a hash from it that john can work with:
    python /usr/share/john/ssh2john.py id_rsa > id_rsa_hash.txt

    Run john with rockyou or whatever list you want to use:
    john --wordlist=/usr/share/wordlists/rockyou.txt id_rsa_hash.txt

Sign In to comment.