Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <AM0PR04MB5316067B6DCE2B17013E91AFA7060@AM0PR04MB5316.eurprd04.prod.outlook.com>
Date: Mon, 20 May 2019 15:58:50 +0000
From: Dudy Dudy <sunsawe@...mail.com>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: zip2john fails to hash my zip file

Hello,

I created a password protected zip file some time ago and I forgot the password (classical...). I am quite sure that at the time, I created it with the 7z program (a zip file, not a 7z file).
When I run zip2john, it lists all files contained in the archive with this:

"ver 81.9 Arch.zip/20140531.txt is not encrypted, or stored with non-handled compression type"

I just created a similar archive using this command:

"7za a -tzip -pSeCreT secure.zip secretFile.txt"

and ran zip2john on it, which was successful with this output:

"ver 78.8 secure.zip/secretFile.txt PKZIP Encr: cmplen=7741, decmplen=32801, crc=97E07BAB"

Finally, I ran zipinfo on my original archive and got this:

"""
Archive:  Arch.zip
There is no zipfile comment.

End-of-central-directory record:
-------------------------------

  Zip archive file size:                   3389480 (000000000033B828h)
  Actual end-cent-dir record offset:       3389458 (000000000033B812h)
  Expected end-cent-dir record offset:     3389458 (000000000033B812h)
  (based on the length of the central directory and its expected offset)

  This zipfile constitutes the sole disk of a single-part archive; its
  central directory contains 71 entries.
  The central directory is 5695 (000000000000163Fh) bytes long,
  and its (expected) offset in bytes from the beginning of the zipfile
  is 3383763 (000000000033A1D3h).


Central directory entry #1:
---------------------------

  20140531.txt

  offset of local header from start of archive:   0
                                                  (0000000000000000h) bytes
  file system or operating system of origin:      Unix
  version of encoding software:                   6.3
  minimum file system compatibility required:     Unix
  minimum software version required to extract:   5.1
  compression method:                             unknown (99)
  file security status:                           encrypted
  extended local header:                          no
  file last modified on (DOS date/time):          2015 Mar 15 12:39:48
  32-bit CRC value (hex):                         00000000
  compressed size:                                58771 bytes
  uncompressed size:                              59021 bytes
  length of filename:                             23 characters
  length of extra field:                          11 bytes
  length of file comment:                         0 characters
  disk number on which file begins:               disk 1
  apparent file type:                             binary
  Unix file attributes (100640 octal):            -rw-r-----
  MS-DOS file attributes (20 hex):                arc

  The central-directory extra field contains:
  - A subfield with ID 0x9901 (unknown) and 7 data bytes:
    02 00 41 45 01 08 00.

  There is a local extra field with ID 0x5855 (old Info-ZIP Unix/OS2/NT) and
  8 data bytes (GMT modification/access times only).

  There is no file comment.
"""

The second section is repeated with as many files contained in the archive.
My ultimate goal to is be able to recover the password of the archive.
What steps shall I take next?

Thank you for your help.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.