Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 20 Feb 2016 11:03:42 -0500
From: Alex <>
Subject: Cracking zip files


I'm using john-1.7.9-jumbo-8-RC_omp on fedora22 on an x86_64 desktop
and have a zip file with two CSV files in it that I need to access.

After creating the shadow entry with zip2john, I start to crack the
password. However, it just keeps printing "possible" passwords, none
of which appear to work. Is there a point where it prints the actual
password? Or do I need to continually try those which it *thinks* are
the passwords?

It also shows there was one hash cracked when using --show, it doesn't work:
[alex@...x-pc ~]$ john --show zipfile.john

1 password hash cracked, 0 left

How long is the typical time it takes to crack a zip password at about
8k c/s? Should I expect several days with current hardware?
model name      : AMD Phenom(tm) II X6 1090T Processor
cpu MHz         : 3210.771
cache size      : 512 KB

guesses: 13  time: 0:00:01:12 0.00%  c/s: 8270  trying: pee64 - pigi4

[alex@...x-pc ~]$ zip2john > zipfile.john>02-10_hosts.csv is using AES encryption, extrafield_length is 11
[alex@...x-pc ~]$ john --incremental zipfile.john
Loaded 1 password hash (WinZip PBKDF2-HMAC-SHA-1 [32/64])
Note: This format may emit false positives, so it will keep trying even after
finding a possible candidate.
ashoon           (
matou            (
brypoo           (
abe113           (
br1e2            (
0706812          (

Any ideas greatly appreciated.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.