Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 4 Sep 2016 17:01:16 +0200
From: magnum <>
Subject: Re: Path in hash?

On 2016-09-04 13:21, Florian Pelgrim wrote:
> I'm struggeling to gain the used encryption method and which program was
> used.
> I tried to match the hash to some other hashes but I did not found any
> archive hash which uses the path inside the hash.
> I'm running john-1.8.0-jumbo-1 and the output from zip2john is:

This is a zip hash (as opposed to pkzip, which is different). The full 
zip file is needed when running john, so the full path is stored (and 
you must not move the file from /root). In latest Jumbo (on github) this 
has changed - file data is always inlined as a "hash" making that input 
file potentially huge, and there's no dependency on the original zip file.

> Can someone tell me what kind of hash this is and how to figure it out
> on my own?

Just run john without the --format option and it should pick the correct 


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.