john-users - Re: Unable to crack the password of a test rar file.

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Date: Sat, 19 May 2018 11:51:55 +0200
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: Unable to crack the password of a test rar file.

On Sat, May 19, 2018 at 12:39:42AM +0100, Eric Watson wrote:
> pi@...pberrypi:/var/share/temp/JohnTheRipper-bleeding-jumbo/run $ ./john 
> --list=build-info |head -n 1
> Version: 1.8.0.13-jumbo-1-bleeding-7a1760b93b 2018-05-16 21:26:40 +0200
> 
> I made a test rar file using the rar archive facility in raspbian and 
> applied it to rar2john. This produced a hash:
> 
> test_file.txt.rar:$RAR3$*0*bd7549acfcdaf98f*391e8bdf3598de12b55063b6a5584bc3:0::::test_file.txt.rar
> 
> which I saved as a txt file. I then applied John and Johnny to this but 
> failed to load it.
> 
> pi@...pberrypi:/var/share/temp/JohnTheRipper-bleeding-jumbo/run $ john 
> test_pswd.txt
> No password hashes loaded (see FAQ)

It looks like you possibly ran two different versions of John - "./john"
for printing the build info vs. "john" for trying to run the attack.
"./john" means the John binary that is in the current directory.  "john"
generally means the John binary that is installed on the system globally
(maybe as part of your Linux distro).  Please use "./john" in both cases.

Alexander

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.