[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 4 Sep 2016 17:01:16 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: Path in hash?
On 2016-09-04 13:21, Florian Pelgrim wrote:
> I'm struggeling to gain the used encryption method and which program was
> used.
>
> I tried to match the hash to some other hashes but I did not found any
> archive hash which uses the path inside the hash.
>
> I'm running john-1.8.0-jumbo-1 and the output from zip2john is:
> test3.zip:$zip2$*0*1*0*edda46c4e04bcef3*da68*25ef89*ZFILE*/root/test3.zip*1e8784e*1e87899*1ae93ae8ab72ff1f51e2*$/zip2$:::::test3.zip
This is a zip hash (as opposed to pkzip, which is different). The full
zip file is needed when running john, so the full path is stored (and
you must not move the file from /root). In latest Jumbo (on github) this
has changed - file data is always inlined as a "hash" making that input
file potentially huge, and there's no dependency on the original zip file.
> Can someone tell me what kind of hash this is and how to figure it out
> on my own?
Just run john without the --format option and it should pick the correct
format.
magnum
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
