Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 Feb 2013 14:53:11 +0000
From: Nicolas Brulez <nicolas.Brulez@...persky.com>
To: "john-users@...ts.openwall.com" <john-users@...ts.openwall.com>
Subject: RE: RAR Cracking with JtR Jumbo (Files found during
 forensics)

Hello,

I used hex editor (hiew) to extract it, i didn't know Winrar could actually do that.
It's basically in the overlay. I had to do that since rar2john didn't want the SFX.

-- 
Best regards,

Nicolas Brulez | Malware Expert - Global Research and Analysis Team | Kaspersky Lab


-----Message d'origine-----
De : Dhiru Kholia [mailto:dhiru.kholia@...il.com] 
Envoyé : mercredi 13 février 2013 15:39
À : john-users@...ts.openwall.com
Objet : Re: [john-users] RAR Cracking with JtR Jumbo (Files found during forensics)

On Wed, Feb 13, 2013 at 8:04 PM, Solar Designer <solar@...nwall.com> wrote:
> On Wed, Feb 13, 2013 at 11:08:57AM +0000, Nicolas Brulez wrote:
>> I am looking for advice on the best setup to use JtR to crack RAR archives.
>> I extracted the RAR archives from the SFX in order to use rar2john.
>
> Great.  What tool did you use to extract the RAR archives from the SFX?

WinRAR can strip the SFX header and output plain or encrypted RAR file.

-- 
Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.