Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 19 Oct 2014 16:05:23 +0300
From: Milen Rangelov <>
Subject: Re: PKZIP and GPU acceleration

I get it.

It's a pity there isn't a decent gpu-enabled cracker for old zip format
that can employ all the tricks (handling multiple files in archive, doing
some (semi-reliable) quick MIME type checks against file extension or
benefiting from having a cleartext version of any file in the archive,
tricks like that. Many of those would not fill well in a framework of an
existing password cracker and would be hard/not possible to implement
without refactoring which would be an overkill for just one format that is
less and less used I guess.

On Sun, Oct 19, 2014 at 3:40 PM, Solar Designer <> wrote:

> On Sat, Oct 18, 2014 at 04:19:29PM +0000, Federico wrote:
> > Right now i'm trying to decrypt a pkzip hash on a c3.8xlarge
> > This is a 1.7.9 jumbo with openmp:
> >
> > Benchmarking: PKZIP [32/64]... (32xOMP) DONE
> > Many salts:     148070K c/s real, 4630K c/s virtual
> > Only one salt:  34508K c/s real, 1078K c/s virtual
> >
> > At work:
> > guesses: 0  time: 0:00:02:32 0.00% (3)  c/s: 28193K  trying: 29vgwbip -
> > 29v336s0
> >
> > How about this? Sounds good?
> >
> > On the official 1.8.0 i cant decrypt pkzip hashes (havent tryed a test
> > with fork=32)
> You ought to use bleeding-jumbo, then --fork=32 will work:
> It also has at least one bug relevant to pkzip archive cracking fixed,
> compared to 1.7.9-jumbo-7.
> When testing length 8 passwords, it gives about 80M c/s cumulative for
> --fork=32 on 2xE5-2670.  For length 5, it's about 100M c/s cumulative,
> and it completes in one and a half minutes (for printable US-ASCII).
> This is for a "./configure --disable-openmp" build of JtR, testing
> against  Its
> trivial length 6 password normally gets cracked instantly, but I was
> specifically locking to length 8 or 5 to avoid that.  BTW, 1.7.9-jumbo-7
> fails to crack that password because of the bug I mentioned.
> Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.