|
Message-Id: <DB5326BA-3FE6-42D2-83DB-0C8A5DD28896@philippteister.com>
Date: Sat, 20 Feb 2016 18:04:49 +0100
From: Philipp Teister <login@...lippteister.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking zip files
Hi Alex,
ZIP is actually broken and can be brute-forced with a proper dictionary.
I tested it with a custom zip pwd cracker, it returned mulitple solutions (pwds) for one zip archive.
You can write something like this yourself, for example: I used not more than 15 lines in python
I am sry if this answer is a bit off-topic(JTR-wise) but nonetheless this solution worked for me many times
best -Philipp
> On 20 Feb 2016, at 17:03, Alex <mysqlstudent@...il.com> wrote:
>
> Hi,
>
> I'm using john-1.7.9-jumbo-8-RC_omp on fedora22 on an x86_64 desktop
> and have a zip file with two CSV files in it that I need to access.
>
> After creating the shadow entry with zip2john, I start to crack the
> password. However, it just keeps printing "possible" passwords, none
> of which appear to work. Is there a point where it prints the actual
> password? Or do I need to continually try those which it *thinks* are
> the passwords?
>
> It also shows there was one hash cracked when using --show, it doesn't work:
> [alex@...x-pc ~]$ john --show zipfile.john
> zipfile.zip:ashoon:::::zipfile.zip
>
> 1 password hash cracked, 0 left
>
> How long is the typical time it takes to crack a zip password at about
> 8k c/s? Should I expect several days with current hardware?
> model name : AMD Phenom(tm) II X6 1090T Processor
> cpu MHz : 3210.771
> cache size : 512 KB
>
> guesses: 13 time: 0:00:01:12 0.00% c/s: 8270 trying: pee64 - pigi4
>
> [alex@...x-pc ~]$ zip2john zipfile.zip > zipfile.john
> zipfile.zip->02-10_hosts.csv is using AES encryption, extrafield_length is 11
> [alex@...x-pc ~]$ john --incremental zipfile.john
> Loaded 1 password hash (WinZip PBKDF2-HMAC-SHA-1 [32/64])
> Note: This format may emit false positives, so it will keep trying even after
> finding a possible candidate.
> ashoon (zipfile.zip)
> matou (zipfile.zip)
> brypoo (zipfile.zip)
> abe113 (zipfile.zip)
> br1e2 (zipfile.zip)
> 0706812 (zipfile.zip)
> ...
>
> Any ideas greatly appreciated.
> Thanks,
> Alex
Download attachment "signature.asc" of type "application/pgp-signature" (843 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.