Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <AM0PR04MB5316292E1C557BB57D6E63B1A7070@AM0PR04MB5316.eurprd04.prod.outlook.com>
Date: Tue, 21 May 2019 08:56:33 +0000
From: Dudy Dudy <sunsawe@...mail.com>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: RE: zip2john fails to hash my zip file

Hello,

I followed your advice and could very easily produce an archive that presents the same problem.
Using 7zip's UI on Ubuntu, it's easy to create an archive with the following characteristics (mostly default values):

  *   Archive format: zip
  *   Compression level: Normal
  *   Compression method: Deflate
  *   Dictionary size: 32 KB
  *   Encryption method: AES-256

When running zip2john on the resulting file, I get a gigantic hash (several screens) and the final line is:
ver 81.9 7z2john.zip/7z2john.py is not encrypted, or stored with non-handled compression type

Does this help?
Is there a way to feed the original information to zip2john?

________________________________
De : magnum <john.magnum@...hmail.com>
Envoyé : lundi 20 mai 2019 19:48
À : john-users@...ts.openwall.com
Objet : Re: [john-users] zip2john fails to hash my zip file

On 2019-05-20 21:30, Solar Designer wrote:
> This is in addition to magnum's answer (which is correct and
> JtR-centric, as is most appropriate for this list, but I feel I can add
> beyond-JtR material as well).

Those additions might be correct or not in this case, I'm not sure
(anyway they are definitely good things to know).

As far as I understand, nothing in the mentioned zipinfo output confirms
it's really a pkzip-type file at all (or does it?). In fact (again I'm
not sure about anything here) off the top of my head the "minimum
software version required to extract:   5.1" tells us this is likely
beyond pkzip and more like winzip (but apparently there's no certainity
it's even that - it could be some mish-mash that only 7z is able to
produce).

magnum

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.