
Trouble Extracting Hash from PKCS#8 Encrypted Private Key for Cracking – OpenVPN

Çağlar Arlı

I have an encrypted private key for an OpenVPN connection that I need to crack the passphrase for. However, tools like ssh2john.py and openssl2john.py fail to parse the key. Here’s what I’ve tried so far:

Key Format Check

Running openssl asn1parse -in client.key -inform PEM confirms that the key is in PKCS#8 format, encrypted with PBES2 (PBKDF2 + AES-256-CBC):

PS> openssl asn1parse -in client.key -inform PEM
0:d=0  hl=4 l=1311 cons: SEQUENCE
4:d=1  hl=2 l=  73 cons: SEQUENCE
6:d=2  hl=2 l=   9 prim: OBJECT            :PBES2
17:d=2  hl=2 l=  60 cons: SEQUENCE
19:d=3  hl=2 l=  27 cons: SEQUENCE
21:d=4  hl=2 l=   9 prim: OBJECT            :PBKDF2
32:d=4  hl=2 l=  14 cons: SEQUENCE
34:d=5  hl=2 l=   8 prim: OCTET STRING      [HEX DUMP]:B3<snip>EB
44:d=5  hl=2 l=   2 prim: INTEGER           :0800
48:d=3  hl=2 l=  29 cons: SEQUENCE
50:d=4  hl=2 l=   9 prim: OBJECT            :aes-256-cbc
61:d=4  hl=2 l=  16 prim: OCTET STRING      [HEX DUMP]:0C<snip>7A
79:d=1  hl=4 l=1232 prim: OCTET STRING      [HEX DUMP]:E9<longSnip>92

The key file starts with:

-----BEGIN ENCRYPTED PRIVATE KEY-----
<snip>
-----END ENCRYPTED PRIVATE KEY-----

This indicates that it is PKCS#8 encrypted rather than an OpenSSH private key.

Attempt to Extract Hash

I tried using ssh2john.py:

PS C:\john\run> python ssh2john.py client.key > hash.txt
[client.key] couldn't parse keyfile

When looking at the source of ssh2john.py, I found the following lines:

        if "BEGIN RSA PRIVATE" in line:
            tags.append("RSA")
            ktypes.append(0)
        elif "BEGIN DSA PRIVATE KEY" in line:
            tags.append("DSA")
            ktypes.append(1)
        # new private key format for OpenSSH (automatically enabled for
        # keys using ed25519 signatures), ed25519 stuff is not supported
        # yet!
        elif "BEGIN OPENSSH PRIVATE KEY" in line:
            tags.append("OPENSSH")
            ktypes.append(2) # bcrypt pbkdf + aes-256-cbc
        elif "BEGIN EC PRIVATE KEY" in line:
            tags.append("EC")
            ktypes.append(3)

which explains the error. I have tried tinkering with these and tried to change my client.key file to BEGIN OPENSSH PRIVATE KEY, but then I ran into

Exception: Missing AUTH_MAGIC!

and it is safe to say I don't know what I'm doing at this point.

I also tried converting it to an unencrypted format using OpenSSL:

PS C:\john\run> openssl pkcs8 -in client.key -topk8 -nocrypt -outform DER -out client.der
Enter pass phrase for client.key:
PS C:\john\run> openssl pkcs8 -in client.key -inform PEM -out client.pem -nocrypt
Error decrypting key
44150000:error:0480006C:PEM routines:get_name:no start line:crypto\pem\pem_lib.c:773:Expecting: PRIVATE KEY

Lastly,

  • I attempted openssl2john.py, but it does not seem to support PKCS#8.
  • I also tried pfx2john.py, but since this is a .key file and not a .pfx, it doesn’t work.

Questions

  • How can I extract a hash from this PKCS#8 (PBES2 + AES-256-CBC) encrypted private key to use with John the Ripper or Hashcat?
  • Is there a different script or method that supports PKCS#8-encrypted private keys?

I visited the hashcat repository issue on PKCS#8, where it says that "Support was added", and that can be seen in hashcat's example hashes. Mode 24420 should be what I'm looking for, but how do I get from the client.key file to the hash they have in the example?
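
The structure shown in the asn1parse output under "Key Format Check", read programmatically: this is an added example, not part of the original post and not code from John the Ripper or hashcat. It walks the DER of a PKCS#8 EncryptedPrivateKeyInfo and reports the PBES2 parameters so the strength of the passphrase protection can be audited. The function names, the `min_iterations` threshold and `SAMPLE_DER` (constructed with the same layout as the dump, using placeholder salt, IV and ciphertext) are assumptions.

```python
# DER-encoded OID bodies (hex) -> names as printed by openssl asn1parse
OIDS = {"2a864886f70d01050d": "PBES2", "2a864886f70d01050c": "PBKDF2",
        "2a864886f70d0207": "hmacWithSHA1", "2a864886f70d0209": "hmacWithSHA256",
        "60864801650304012a": "aes-256-cbc"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form, as in the hl=4 headers of the dump
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Split the body of a SEQUENCE into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def pbes2_info(der):
    """Extract KDF and cipher parameters from an EncryptedPrivateKeyInfo."""
    (_, alg), (_, ciphertext) = children(read_tlv(der, 0)[1])
    (_, scheme), (_, params) = children(alg)
    if OIDS.get(scheme.hex()) != "PBES2":
        raise ValueError("key is not PBES2-encrypted")
    (_, kdf), (_, enc) = children(params)
    kdf_oid, kdf_par = (v for _, v in children(kdf))
    enc_oid, iv = (v for _, v in children(enc))
    fields = children(kdf_par)  # salt, iterations, [keyLength], [prf]
    prf = "hmacWithSHA1"  # DER omits the PRF when it is the default
    for tag, val in fields[2:]:
        if tag == 0x30:  # prf AlgorithmIdentifier, if present
            prf = OIDS.get(children(val)[0][1].hex(), "unknown")
    return {"kdf": OIDS.get(kdf_oid.hex(), "unknown"), "prf": prf,
            "salt_len": len(fields[0][1]), "iterations": int.from_bytes(fields[1][1], "big"),
            "cipher": OIDS.get(enc_oid.hex(), "unknown"), "iv_len": len(iv),
            "ciphertext_len": len(ciphertext)}

def weak_kdf(info, min_iterations=600_000):  # threshold is an assumed policy value
    return info["kdf"] == "PBKDF2" and info["iterations"] < min_iterations

# Constructed sample: same layout as the dump; salt, IV and ciphertext are placeholders
SAMPLE_DER = bytes.fromhex(
    "3082051f" "3049" "06092a864886f70d01050d" "303c"
    "301b" "06092a864886f70d01050c" "300e" "0408" "0011223344556677" "02020800"
    "301d" "060960864801650304012a" "0410" + "aa" * 16 + "048204d0") + bytes(1232)
```

For a real file, base64-decode the lines between the BEGIN/END ENCRYPTED PRIVATE KEY markers and pass the result to `pbes2_info`. The `INTEGER :0800` in the dump is the iteration count in hex, so this key uses 2048 PBKDF2 iterations with the default HMAC-SHA1 PRF.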