Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 15 Sep 2020 18:43:58 +0100
From: Jasper Jones <jazjones9292@...il.com>
To: john-users@...ts.openwall.com
Subject: cracking encrypted zip file

Hi

I'm beyond embarrassed to have to do this, but I'm at my wits' end trying
to open a zip archive from about three years ago. It contains a
cryptocurrency wallet file.

I used (I believe) the standard 256-AES settings on 7-zip to compress and
encrypt a wallet file, using .zip rather than .7z format.

Being aware of how easy it is to forget passwords, I believe I used a
combination of multiple components that I've used as the core of longer
passwords, mostly for non-critical things. The encrypted file was stored on
several thumb-drives which I stored at various secure locations. My
(idiotic) thinking was that even if I didn't remember the exact password,
I'd be able to guess it easily enough. Of course, I've tried and that isn't
working :-/

I'm reasonably certain the password contains two or three main components,
selected from a couple of words and a long number, linked with some
combination of punctuation.

I've downloaded John the Ripper (64 bit Windows), but as a non-techie I'm
really struggling with it.

The first issue is that I believe I need to use zip2john.exe to get the
hash from the zip file. It spits out a very long string of data, starting
with $zip2$, but ends with a message saying that "wallet.zip/wallet.dat is
not encrypted, or stored with a non-handled compression type".

I wondered whether I needed to use the 7z2john.pl (a perl script?), given I
used 7-zip to generate the encrypted file? I've never used perl, so not
sure how I'd go about this (and haven't yet started looking in case that
isn't needed).

Does anyone have any thoughts about how best to approach extracting
the hash? Hopefully once I have that I'll be able to work out how to use
JtR to break the password.

Many, many thanks in advance for any help you can offer.

Kind regards
Jasper

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.