Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sun, 10 Feb 2019 20:50:26 +0100
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: No hashes loaded from zip2john

On 2019-02-09 22:03, chris tyerman wrote:
> On 09/02/2019 15:13, Kleme K wrote:
>> Hi,
>>
>> I'm having trouble following example online from a compressed ZIP 
> 
> hello
> 
> you might want to try running
> 
> ./john --list=formats
> 
> and check that pkzip is included as if it isn't it wont load any hashes
> 
> if it isn't you may need to download a different build or rebuild it
> from source
> 

No need to download another version - the "configure" stage ends 
something like this:

---8<----------8<----------8<----------8<----------8<----------8<--

Configured for building John the Ripper jumbo:

Target CPU ................................. x86_64 AVX2, 64-bit LE
AES-NI support ............................. depends on OpenSSL
Target OS .................................. darwin18.2.0
Cross compiling ............................ no
Legacy arch header ......................... x86-64.h

Optional libraries/features found:
Memory map (share/page large files) ........ yes
Fork support ............................... yes
OpenMP support ............................. yes
OpenCL support ............................. yes
Generic crypt(3) format .................... yes
libgmp (PRINCE mode and faster SRP formats)  yes
128-bit integer (faster PRINCE mode) ....... yes
libz (pkzip and some other formats) ........ yes  <--- NOTE this one!
libbz2 (gpg2john extra decompression logic)  yes
libpcap (vncpcap2john and SIPdump) ......... yes
librexgen (regex cracking mode) ............ yes
OpenMPI support (default disabled) ......... no
ZTEX USB-FPGA module 1.15y support ......... no

---8<----------8<----------8<----------8<----------8<----------8<--

If it says "libz ... no" that's your problem. Install "libz-dev" or 
whatever it's called in your distro, then re-configure and rebuild.

magnum



>> Data :
>> An test ZIP containing 3 text files (lorem ipsum) created with Windows 7zip with the password "12345"
>>
>> Commands  :
>>
>> $ uname -a
>> Linux vm-debian-utils 4.9.0-8-amd64 #1 SMP Debian 4.9.130-2 (2018-10-27) x86_64 GNU/Linux
>>
>> $ ./john --list=build-info
>> Version: 1.8.0.13-jumbo-1-bleeding-973cdc4be 2019-02-04 08:43:45 +0000
>> Build: linux-gnu 64-bit x86_64 AVX2 AC OMP
>> SIMD: AVX2, interleaving: MD4:3 MD5:3 SHA1:1 SHA256:1 SHA512:1
>> CPU tests: AVX2
>> $JOHN is JohnTheRipper/run/
>> Format interface version: 14
>> Max. number of reported tunable costs: 4
>> Rec file version: REC4
>> Charset file version: CHR3
>> CHARSET_MIN: 1 (0x01)
>> CHARSET_MAX: 255 (0xff)
>> CHARSET_LENGTH: 24
>> SALT_HASH_SIZE: 1048576
>> SINGLE_IDX_MAX: 32768
>> SINGLE_BUF_MAX: 4294967295
>> Effective limit: Max. KPC 32768
>> Max. Markov mode level: 400
>> Max. Markov mode password length: 30
>> gcc version: 6.3.0
>> GNU libc version: 2.24 (loaded: 2.24)
>> Crypto library: OpenSSL
>> OpenSSL library version: 01010006f
>> OpenSSL 1.1.0f  25 May 2017
>> GMP library version: 6.1.2
>> File locking: fcntl()
>> fseek(): fseek
>> ftell(): ftell
>> fopen(): fopen
>> memmem(): System's
>>
>> $ ./zip2john test.zip > test.hash
>> ver 2.0 test.zip/a.txt PKZIP Encr: cmplen=1300, decmplen=3402, crc=862D5B98
>> ver 2.0 test.zip/b.txt PKZIP Encr: cmplen=1267, decmplen=3142, crc=F5F912F0
>> ver 2.0 test.zip/c.txt PKZIP Encr: cmplen=1283, decmplen=3179, crc=7CF79E09
>> NOTE: It is assumed that all files in each archive have the same password.
>> If that is not the case, the hash may be uncrackable. To avoid this, use
>> option -o to pick a file at a time.
>>
>> $ cat test.hash
>> test.zip:$pkzip2$3*1*1*0*8*24*7cf7*7f0b*60f3dd0871b7f9d6a5c6b248bee749e90dfa0c380bc3fc2f5cb7e1c548a737e7fd497fea*1*0*8*24*862d*7ef8*84c49f1408fb2c5e4eb7e08dfbde4bea5be6016ab505af43ad0779efa1e6ab1ed8c4d3e7*2*0*4f3*c46*f5f912f0*537*23*8*4f3*f5f9*7f07*b92aac438c4df3217c536db80d7db01388936af6c1f5b41c38de103d3b29902d1be3ed30c195f6b31b9f81835046df95c5c2a6b21e4069acc2dec9fa3e64cb9fafa4ceab289e91578cf202a5eb7e0cdfe6a20523a0fca4964ef159d2da21aac9249858061392fda2e274a6baa0c7934b66cf62f076bbe06c2f772ebde5f1ba986815478eb5e9544dd8cf1172d2395bbd8929caa3f7b3d075b93a6493a26f9f860b542611942ebbc7767e96fc0385ba3efc2a7f10a273beb72d45e743d8e356d9dcc3c150f0caccab53f727562ee231dd856e2d8725c5c715bddf5a3198024f2616f611af5e2da3b7af51dea5192bfd572498eab45933d1620ebc4c2b9b0f4eae13f793e9832634b8c1347d41f65f611b1cac23c748a056133c165262777956e1d8d2d272eefd841494418db863d8331d6bf66f47a8ee7727e7a3adb9f5e079214ecf88034a083f1addbe8a1836ff239878893a0ad68d897ed2977bdddbaada1cbf57d05d3ce08026349e4496be99a027acdc8bfedec18f456fbd31159a513fc842e85eb744a5d0f737678785297aeb9bca9f6b8ae7792f43e15b8009147f06b111d8c537aa20b7045ff91c488e4ee58b04bf50e0273124a11e204fc53d46c1adcd7d76865e70bdaebd66d8e38725eda5bb8521ea2f4c777d0ecf40585a9c6294bd7abf4c486dd9ca2a42985ee46661ea3147674900b55646324c29b8f1778d858a4df05bbb67f5a0ba5484fd1b6a7ea44e93a91a7350a4fc87972c228861cfcabc1651444a67675bc874a7870d433d06cdf7bf68e584409beb03b431b86b91814d3e397b091635429683168de0fcd5a43f58e6441a509389c25dccb58981cf603e9c9d2d772b95a333c2fee9b0a24a5cc0d86c503269e70fcc015af503d492ad9e4c372eb8e321d6626453f939318d66d0c4cf80cfd18152ab8946e20afd5750ea511d8813dedefba080ad43ed89787013ce717278e311cbb61355e291e2b31b3730407d23d5375aa5cf537f1d19f14564d882587bcf5e69ec4c0b558d39082a3ca0104bbafa56d9dbdeec1b9fccc463d12912d7a0b0ba719fea0481ff094bedaf0a640ffe6ca6df8dfc6985af9062e625791024d5980d526b3988fde9641c83c64ce9d7911a442a59c0354f83b5457a4129972907ec0d98bd8398e57396b35da0cab667abe6e144612f665ae57388f8556befd1409b60e709725425006636bff1c73c6bf9cfb1b592aabd47f8bc85765820b89a50eace6f9db95e27fdf74c3a319487819d7a9931047272896e1925f231c97a25e5c05765069c13216cb54e04998b46c901b2991e1049969d0f454739277fc013820cea9d0d857d016b37fafcc731cc0638dc7f51ae998b314d4f278454c2b71d61fe84201da4b7225651c87ed205bf1d36cdd2ade823209b02344f4e6115de0c8fb94f9dcfa06069d02c8aaf29923f10fdfee73b9db4ec34715911f09f7785fd578216f539448352362d09b27770f2b79694383b416ee1d16760555223532fa0ca649913b21050c3f45d5d0cc7622289d0cb69750cef7e58c1f5dd04a41f927b19cf8d3a5ac5e022491b33d0dc5c7679670d3dd510c4f67221cd143d1a6190cd3f2e91a43394bb135a214864d69ff0818e014ab23eae8a0994977e048626f96c61f09f23a5e66d868ed58e7864f1a1d020d291c799d9c021a4892d2d55496d943ed977c69160f672a3aad12679322aefae97b808c28e1b42ee48a061c9a6a392bf855ac107d09b0a54fdaf4208a9ba3d0c0c28683373a277e5c35da364acce*$/pkzip2$::test.zip:b.txt, c.txt, a.txt:test.zip
>>
>> $ ./john test.hash
>> Using default input encoding: UTF-8
>> No password hashes loaded (see FAQ)
>>
>> $ ./john --incremental test.hash
>> Using default input encoding: UTF-8
>> No password hashes loaded (see FAQ)
>>
>> I really don't know what is wrong here.
>>
>> Thanks in advance for your help,
>> Klemek
>>
>>
> 
> 
> 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.