Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAB1R3sjy3fNAFtwEAfRi7HwDMrTVz=k7OgHjnRBb6F=WtU_ZcQ@mail.gmail.com>
Date: Sat, 20 Feb 2016 11:03:42 -0500
From: Alex <mysqlstudent@...il.com>
To: john-users@...ts.openwall.com
Subject: Cracking zip files

Hi,

I'm using john-1.7.9-jumbo-8-RC_omp on fedora22 on an x86_64 desktop
and have a zip file with two CSV files in it that I need to access.

After creating the shadow entry with zip2john, I start to crack the
password. However, it just keeps printing "possible" passwords, none
of which appear to work. Is there a point where it prints the actual
password? Or do I need to continually try those which it *thinks* are
the passwords?

It also shows there was one hash cracked when using --show, it doesn't work:
[alex@...x-pc ~]$ john --show zipfile.john
zipfile.zip:ashoon:::::zipfile.zip

1 password hash cracked, 0 left

How long is the typical time it takes to crack a zip password at about
8k c/s? Should I expect several days with current hardware?
model name      : AMD Phenom(tm) II X6 1090T Processor
cpu MHz         : 3210.771
cache size      : 512 KB

guesses: 13  time: 0:00:01:12 0.00%  c/s: 8270  trying: pee64 - pigi4

[alex@...x-pc ~]$ zip2john zipfile.zip > zipfile.john
zipfile.zip->02-10_hosts.csv is using AES encryption, extrafield_length is 11
[alex@...x-pc ~]$ john --incremental zipfile.john
Loaded 1 password hash (WinZip PBKDF2-HMAC-SHA-1 [32/64])
Note: This format may emit false positives, so it will keep trying even after
finding a possible candidate.
ashoon           (zipfile.zip)
matou            (zipfile.zip)
brypoo           (zipfile.zip)
abe113           (zipfile.zip)
br1e2            (zipfile.zip)
0706812          (zipfile.zip)
...

Any ideas greatly appreciated.
Thanks,
Alex

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.