openoffice-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <robw...@apache.org>
Subject Re: Need Help - Solved, got help
Date Tue, 11 Mar 2014 21:02:53 GMT
On Sat, Mar 8, 2014 at 1:46 AM, Klaus Muth <muth@hagos.de> wrote:
> Quick update.
>
> Since I was really interested in password security of OpenOffice, Vanessa had
> not much trouble to talk me into giving it a try. So I compiled an MPI
> version of john and started it on my i7-2600 4-core 3.4GHz on 7 CPUs, John
> chose to use the AVX extension (no fancy graphic card - so no NUMA or CUDA)
>
> I had some infos (language + max pw length) from Vanessa.
>
> It took a total of 77h of CPU time in incremental mode (no hit in single shot
> and dictionary mode) to get a 7 character all lower case password with this
> setup.
>

Thanks for the reminder of the importance of picking high-quality
passwords of sufficient length.   There is a reason why online
services like banks, Amazon, etc., require complex passwords.  Short,
simple ones easily fall to brute-force attacks.

Do you have a sense for what your average rate was, passwords/second,
with your configuration?

This pages gives a rough estimate of how long it takes to crack a
password, depending on its complexity and length:

http://www.lockdown.co.uk/?pg=combi

As you can see, moving from a short alphabetic password to 8
character-long of mixed upper/lower/number/symbol is the difference
between a password that can be cracked in minutes versus millenia.  Of
course, quantum computers could someday change that all...

Regards,

-Rob


> I was able to send back an unencrypted 433 pages book.
>
> No, I'm not that interested - I won't do that a second time. I provided all
> information needed to do it yourself.
>
> Am 06.03.2014 15:02, schrieb Klaus Muth:
>> Ok. Tried out. You need:
>> 1. Encrypted OpenDocumentFormat File (i.e. your book)
>> 2. John The Ripper from http://www.openwall.com/john/, I used
>>    http://www.openwall.com/john/g/john-1.7.9-jumbo-7.tar.bz2
>> 3. A Linux System (There is a Windows binary too)
>>
>> - Now Download john, then untar it:
>>     tar xvfj john-1.7.9-jumbo-7.tar.bz2
>> - compile it
>>     cd john-1.7.9-jumbo-7/src
>>     make clean linux-x86-64-native
>> - test it
>>     cd ../run
>>     ./john --test
>> - get password hash:
>>     ./odf2john.py MyImportantCrypted.odt > passwd
>> - crack password hash
>>     ./john passwd
>>
>> In my example it took john 17 seconds to realize that my password was
>> actually 123456 - which is of course the most commonly used password ever and
>> so one of the first tested options:
>>
>>  ./john passwd
>> Loaded 1 password hash (ODF SHA-1 Blowfish [32/64])
>> 123456           (MyImportantCrypted.odt)
>> guesses: 1  time: 0:00:00:17 DONE (Thu Mar  6 14:43:10 2014)  c/s: 1132
>> trying: 123456
>>
>> You might need some kind of Computer Nerd and some fast hardware to crack
>> your ODF Password, but that might be easy to get compared to writing your
>> book again.
>>
>> Using passwords on the only original of a file is generally a bad idea - you
>> use them to secure a copy you want to send by mail or on a stick.
>>
>>
>> Am 06.03.2014 13:11, schrieb Vanessa Silva:
>>> Hello,
>>>
>>>
>>> i’ve written a book, took me over 200 hours, saved it with open Office writer
and made a Password for it. Then i didn’t use the document in a while and now i forgot the
Password. Please help me, i Need my book back! Can i send you the document per E-Mail? can
you erase dthe Password? Please, i beg you. I Need it!
>>>
>>>
>>> I’ll wait for your answer.
>>>
>>>
>>> Vanessa Silva
>>>
>>>
>>>
>>>
>>>
>>>
>>> Gesendet von Windows Mail
>>>
>>
>>
>> Freundliche Grüße
>>
>
>
> Freundliche Grüße
> --
> Klaus Muth
> HAGOS eG                   Industriestr. 62     fon:   (+49) 711 78805-7086
> EDV-Programmierung         70565  Stuttgart     fax: (+49) 711 78805-957035
> http://www.hagos.de            Germany                 mailto:muth@hagos.de
>
> HAGOS Verbund deutscher Kachelofen- und Luftheizungsbauerbetriebe eG
> Sitz:                      Stuttgart
> Rechtsform:                Genossenschaft
> Registergericht:           Stuttgart GnR 77
> Vorstände:                 Guido Eichel, Ralf Tigges
> Aufsichtsratsvorsitzender: Thomas Müller
> USt.-ID-Nr.:               DE 147799748
>
> -------------------------------------------
> List Conduct Guidelines: http://openoffice.apache.org/list-conduct.html
> To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
> For additional commands, e-mail: users-help@openoffice.apache.org
>

-------------------------------------------
List Conduct Guidelines: http://openoffice.apache.org/list-conduct.html
To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
For additional commands, e-mail: users-help@openoffice.apache.org


Mime
View raw message