Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 8 Sep 2009 16:57:07 +0200
From: rembrandt <rembrandt@...erlin.de>
To: john-users@...ts.openwall.com
Subject: Re: John and RARs or ZIPs

On Tue, 8 Sep 2009 08:47:09 -0600
RB <aoz.syn@...il.com> wrote:

> On Tue, Sep 8, 2009 at 08:06, Nahuel Grisolía<nahuel.grisolia@...il.com> wrote:
> > Hey Guys, i just want to know if anyone of you has ever coded something to
> > use John to crack the encryption used in RARs (AES128) or ZIPs (??).
> 
> This is a class of query that comes up here quite often - "can JtR be
> used to crack X?"  The answer depends largely on the implementation,
> but is generally "no": JtR doesn't directly support specific file
> formats, it handles password hashes.
> 
> In clarification (and simplified terms), you need to understand the
> difference between hashing and encryption. 

I wont say it is possible but as far as I know the passwords of many
applications get hashed even the data itself gets encrypted.

This is not related to WinZIP or WinRAR 'course I do not know how they
do it but: If a applications hashes the password only but encrypts the
content then you are very likely able to crack the password hash with
john if:

- You can extract the password hash and make a testuser:testpassword file
- John supports the algorithm

But related to WinZIP you might like to read:
http://www.winzip.com/aes_info.htm#pwd-verify


Kind regards,
Rembrandt


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.