Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 28 May 2019 20:07:36 +0200
From: magnum <john.magnum@...hmail.com>
To: john-users@...ts.openwall.com
Subject: Re: zip2john fails to hash my zip file

On 2019-05-21 20:58, magnum wrote:
> On 2019-05-21 10:56, Dudy Dudy wrote:
>> I followed your advice and could very easily produce an archive that 
>> presents the same problem.
>> Using 7zip's UI on Ubuntu, it's easy to create an archive with the 
>> following characteristics (mostly default values):
>>
>>    *   Archive format: zip
>>    *   Compression level: Normal
>>    *   Compression method: Deflate
>>    *   Dictionary size: 32 KB
>>    *   Encryption method: AES-256
>>
>> When running zip2john on the resulting file, I get a gigantic hash 
>> (several screens) and the final line is:
>> ver 81.9 7z2john.zip/7z2john.py is not encrypted, or stored with 
>> non-handled compression type
>>
>> Does this help?
>> Is there a way to feed the original information to zip2john?
> 
> Thanks, then we should be able to reproduce the problem. I opened an 
> issue on GitHub for it: 
> https://github.com/magnumripper/JohnTheRipper/issues/3985

This turned out to be purely cosmetical so you can ignore the warning 
(but this will soon be fixed on GitHub). The long hash that was produced 
*is* valid and can be cracked.

magnum

>> ________________________________
>> De : magnum <john.magnum@...hmail.com>
>> Envoyé : lundi 20 mai 2019 19:48
>> À : john-users@...ts.openwall.com
>> Objet : Re: [john-users] zip2john fails to hash my zip file
>>
>> On 2019-05-20 21:30, Solar Designer wrote:
>>> This is in addition to magnum's answer (which is correct and
>>> JtR-centric, as is most appropriate for this list, but I feel I can add
>>> beyond-JtR material as well).
>>
>> Those additions might be correct or not in this case, I'm not sure
>> (anyway they are definitely good things to know).
>>
>> As far as I understand, nothing in the mentioned zipinfo output confirms
>> it's really a pkzip-type file at all (or does it?). In fact (again I'm
>> not sure about anything here) off the top of my head the "minimum
>> software version required to extract:   5.1" tells us this is likely
>> beyond pkzip and more like winzip (but apparently there's no certainity
>> it's even that - it could be some mish-mash that only 7z is able to
>> produce).
>>
>> magnum
>>
>>
> 
> 
> 


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.