Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 1 Nov 2017 13:07:45 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Kruptos encrypted file hash with John?

On Tue, Oct 31, 2017 at 10:42:44AM -0700, John McNamara wrote:
> Jump to present day I found an old backup from 10 years ago that I
> personally had encrypted files with Kryptos (.enc files) and some other
> self-exacting EXE files I created with abi-coder. I cannot for the
> life of me remember the password, or combination of passwords I used,
> or what I put in the files and its become a personal project of mine
> to gain access and started with the .enc files as it seemed easier
> than an exe file.  I'm not sure if its possible or if JtR is even the
> proper tool to use?

Hi,

Where can be the "Kryptos" software downloaded from?

ABI-Coder is available at http://www.adamberent.com/ABICoder (the
author's homepage).

> I downloaded the version of Krytpos I think that I used to create the
> .enc files and created another .enc file with a weak password
> (testtest or hello) to see if I could figure it out with an easy
> password to see if I was on the right track instead of waiting a long
> time working on the real file.
> 
> I think this is kind of like running it on a zip file, but I'm assuming the
> .enc file is a very different format.  Just for the heck of it I tried
> zip2john on it, didn't work.  Also tried running john on the .enc file
> directly, I don't think that worked because it thinks its a type
> whirlpool?  Doesn't seem to find the password.
> 
> I'm sorry if this is a stupid question, but I've gone through the tutorials
> and some history of this email list and can't seem to find anything
> relating to working with other file types that someone hasn't directly
> written a tool to extract the hashes from?  Perhaps JtR isn't used in this
> capacity and I'm heading in the wrong direction.

JtR is indeed the right tool for this job.

However, JtR does not have support for brute-forcing Kryptos (Kruptos?) and
ABI-Coder encrypted files currently.

Given the relative obscurity of these proprietary (?) file encryption
tools, it is quite likely that no one would volunteer to add such
support in JtR Jumbo anytime soon.

Perhaps https://github.com/magnumripper/JohnTheRipper/issues/2553
(Support for cracking Dekart DPD files) is relevant to this topic.

Thanks,
Dhiru

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.