Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 06 Jan 2014 05:31:31 +0100
From: magnum <>
To: "" <>
Subject: pkzip format vs.


On 2014-01-06 02:52, magnum wrote:
> On 2013-12-23 23:15, Solar Designer wrote:
>> I've just tested bleeding-jumbo's zip2john and the pkzip format on:
>> Surprisingly, it failed to crack the password, even though the password
>> is trivial (I've even "cracked" it manually).  I think zip2john might be
>> confused by the very first entry in the .zip file being a directory, or
>> it could be some other issue.
> I created an issue for this:

I'd appreciate knowing the password when debugging this. I tried a few 
but gave up because it seems impossible to script my unzip binary with 

The directory has nothing to do with it. Any entry with an uncompressed 
length < 12 is ignored. I first assumed this was an issue of "file 
magic" known-plain false negative (in which case I'd make that option 
non-default - the early rejection of Huffman encoding is quick enough 
now anyway) but that seems not to be the case - unless john somehow 
missed the "extremely easy" password, as Ange put it.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.