I tried to crack (brute force) the private SSH key I use, but I couldn’t find a working tool for Windows, so I modified a simple private key cracker written by anonymous@echo.or.id. I also tweaked it a bit: I increased the performance and added a basic benchmark.
Update 19.10.2007: new version (0.3) added, performance increased by about 50%.
    ssh-privkey-crack v0.3 made by anonymous@echo.or.id, enhanced by michu@neophob.com

    Usage: ssh-privkey-crack [DSA or RSA private key file] [-v|-q]
     -v: verbose mode
     -q: quite mode

    Example:
     $ john-mmx -stdout -incremental | ssh-privkey-crack id_dsa
     $ ssh-privkey-crack id_dsa < dictionary
Here is a sample output of a successful attack:
    ssh-privkey-crack v0.3 made by anonymous@echo.or.id, enhanced by michu@neophob.com

    keyheader: Proc-Type: 4,ENCRYPTED
    DEK-Info: DES-EDE3-CBC,256BD3BB384A1DDC

    trying inf keys/s, # of tested keys: 3001.
    ------------------------------------------------------------------------------- --- -
    Passphrase match: . Found password after 0 seconds and 3107 tries.
    ---------------------------------------------------------------------------------- --- -
This brute force method is not really fast; I compute about 15’000 keys/s on a P4 (4000 BogoMIPS).
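The `Proc-Type: 4,ENCRYPTED` / `DEK-Info` header in the output above marks the legacy PEM container, whose passphrase-to-key derivation is a single MD5 pass, while the newer `openssh-key-v1` container records a bcrypt KDF with a configurable round count. The following audit helper is an added example, not part of the original tool: it reports which container and KDF protect a key file so weakly protected keys can be found and re-encrypted. The function names and both sample keys are constructed for illustration (the legacy sample reuses the header values shown above with a placeholder body).

```python
import base64

MAGIC = b"openssh-key-v1\0"
LEGACY_SAMPLE = """-----BEGIN DSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,256BD3BB384A1DDC

Q09OU1RSVUNURUQ=
-----END DSA PRIVATE KEY-----"""  # constructed: page's header, placeholder body

def _s(b):  # encode one SSH wire string: uint32 length, then the bytes
    return len(b).to_bytes(4, "big") + b

def _read(buf, off):
    """Decode one SSH wire string at off; return (value, next offset)."""
    end = off + 4 + int.from_bytes(buf[off:off + 4], "big")
    if end > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:end], end

def sample_openssh(rounds):
    """Constructed sample: openssh-key-v1 header fields only, no key material."""
    opts = _s(b"\0" * 16) + rounds.to_bytes(4, "big")
    blob = base64.b64encode(MAGIC + _s(b"aes256-ctr") + _s(b"bcrypt") + _s(opts))
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{blob.decode()}\n-----END OPENSSH PRIVATE KEY-----"

def classify_key(pem_text):
    """Return (container, cipher, kdf, kdf_rounds) for a private key file."""
    lines = [ln.strip() for ln in pem_text.strip().splitlines()]
    label, body = lines[0].strip("-")[len("BEGIN "):], lines[1:-1]
    if label == "OPENSSH PRIVATE KEY":
        blob = base64.b64decode("".join(body))
        if not blob.startswith(MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        cipher, off = _read(blob, len(MAGIC))
        kdf, off = _read(blob, off)
        opts, off = _read(blob, off)
        rounds = None
        if kdf == b"bcrypt":  # kdfoptions = string salt, uint32 rounds
            _salt, o = _read(opts, 0)
            rounds = int.from_bytes(opts[o:o + 4], "big")
        return ("openssh-key-v1", cipher.decode(), kdf.decode(), rounds)
    if label not in ("RSA PRIVATE KEY", "DSA PRIVATE KEY", "EC PRIVATE KEY"):
        raise ValueError(f"unsupported PEM label: {label}")
    headers = dict(ln.split(": ", 1) for ln in body if ": " in ln)
    if headers.get("Proc-Type") != "4,ENCRYPTED":  # no passphrase set
        return ("legacy-pem", "none", "none", None)
    # OpenSSL PEM encryption: EVP_BytesToKey with MD5, iteration count 1.
    return ("legacy-pem", headers["DEK-Info"].split(",")[0], "md5", 1)
```

Keys reported as `legacy-pem` can be rewritten in the bcrypt-protected container with `ssh-keygen -p -o -a <rounds> -f <keyfile>`.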
