Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <06301c746debef5bd104ac14e56390a9@smtp.hushmail.com>
Date: Tue, 11 Aug 2015 13:18:36 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: a question about encrypted 7z hashes

On 2015-08-11 00:02, Matthew Smith wrote:
> Currently the 7z2john.py does not support 7z archives with unencrypted file
> names.  However, hashcat has a utility that will do this.  I was wondering
> about the compatibility between the two hashes.
>
> Could you use a hash generated by the hashcat extractor utility with John
> the Ripper?  There seem to be some differences between the two hashes.

I'm pretty sure the hashcat tool is more complete than ours, and that 
goes for the format too. So I think this is the current situation:

- for solid archives, 7z2john or 7z2hashcat will produce the same 
output, and JtR or oclHashcat can be used to crack it.

- for non-solid archives, only 7z2hashcat will produce a "hash" and JtR 
lacks some code to handle this output.

So what we should do is first, make our format handle the 7z2hashcat 
output for non-solid archives, and second, enhance 7z2john (or adopt 
7z2hashcat code, iirc the license would allow it).

> I guess I don't understand hashes.  Shouldn't they be the same as the
> password is the same?  Why are they different?  Could I use the output from
> the 7z2hashcat.pl hash as input to JTR as I can't get the hash with any
> available JTR tools?

The reason for confusion is 7z is not really a hash. We call it non-hash.

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.