Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 31 Oct 2017 10:42:44 -0700
From: John McNamara <johnnym1266@...il.com>
To: john-users@...ts.openwall.com
Subject: Kruptos encrypted file hash with John?

I'm inexperienced with hashes and encryption and have played with JtR over
the years to learn more about how they work.  I started by generating
hashes online with weak strings and observed how JtR was able to crack the
hash.  I moved up from there and started learning about wordlists and using
them to crack hashes that are generated by strings that use common words.
It was really neat and informative to play around with.

Jump to present day I found an old backup from 10 years ago that I
personally had encrypted files with Kryptos (.enc files) and some other
self exacting EXE files I created with abi-coder.  I cannot for the life of
me remember the password, or combination of passwords I used, or what I put
in the files and its become a personal project of mine to gain access and
started with the .enc files as it seemed easier than an exe file.  I'm not
sure if its possible or if  JtR is even the proper tool to use?

I've played with some of the jumbo version features like zip2john.exe to
extract the password hashes from a zip file.  Had success with that and
moved to try and figure out how to extract the hash from the .enc file that
Kryptos created.  I downloaded the version of Krytpos I think that I used
to create the .enc files and created another .enc file with a weak password
(testtest or hello) to see if I could figure it out with an easy password
to see if I was on the right track instead of waiting a long time working
on the real file.

I think this is kind of like running it on a zip file, but I'm assuming the
.enc file is a very different format.  Just for the heck of it I tried
zip2john on it, didn't work.  Also tried running john on the .enc file
directly, I don't think that worked because it thinks its a type
whirlpool?  Doesn't seem to find the password.

I'm sorry if this is a stupid question, but I've gone through the tutorials
and some history of this email list and can't seem to find anything
relating to working with other file types that someone hasn't directly
written a tool to extract the hashes from?  Perhaps JtR isn't used in this
capacity and I'm heading in the wrong direction.

Any knowledge or direction would be greatly appreciated.  It's cool there
is a community of people with this that seem to want to help each other.

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ