Date: Thu, 17 Sep 2020 16:20:30 +0100 From: Jasper Jones <jazjones9292@...il.com> To: john-users@...ts.openwall.com Subject: Re: cracking encrypted zip file Apologies Alexander, I missed your email until just now. Comments/answers in-line below. Thanks Jasper On Wed, 16 Sep 2020 at 20:51, Solar Designer <solar@...nwall.com> wrote: > On Wed, Sep 16, 2020 at 06:47:10AM +0100, Jasper Jones wrote: > > I got the following message when I started it: > > "Warning: detected hash type "ZIP", but the string is also recognised as > > "ZIP-opencl" > > Use the "--form=ZIP-opencl" option to force loading these as that type > > instead" > > > > Any issue with that? > > No, but you can in fact try this suggestion to possibly use your GPU for > much speedup, if you do have a suitable GPU and driver installed. > No, I'm just using a laptop at the moment and don't have access to a PC with GPU. At some stage (and if the current run isn't successful), I'll look into what I need to set something like this up. There's enough potentially at stake to make it worth spending some money on this. > Then: > "Using default input encoding: UTF8 > > Loaded 1 password hash (ZIP, WinZip, [PKDF2-SHA1 128/128 AVX 4x1)" > > > > Does that look right? The reference to PKDF2-SHA1 instead of AES concerns > > me, but I appreciate that could just be my ignorance showing. > > You've already figured this out (great!), but we might want to revise > this algorithm name string to also include AES. > Cool. > As to the error you were getting originally: > > > > That said, I'm still getting an error as well: "ver 5.1 > > > wallet.zip/wallet.dat is not encrypted, or stored with non-handled > > > compression type". > > It certainly looks like you have more than one file, or one file more > than once, in that archive. It might even be that you have the > wallet.dat file in there in both encrypted and non-encrypted form. I'm pretty sure there's just the one file in there. I definitely wouldn't have encrypted it first and then zipped it. It was just zipped (using 7Zip) with a password and AES256 encryption selected. There's also just the one file - wallet.dat - listed when you open the archive. Alternatively, we have a bug resulting in that spurious message. > I'll leave that to you to decide! :) > > > I don't have zipinfo (I'm on Windows), but I could download a bootable > > > Linux distribution if that would help. > > I guess you can get zipinfo on Windows if you install Cygwin. > Do you think it would help at this stage? Perhaps if the current run doesn't work I can look into that and see whether it gives more info than I've found so far. > > > 7zip itself gives some info about the compressed file: > > > > > > - attributes: An > > > - Encrypted: + > > > - Method: AES-256 Deflate > > > > > > (There's some other stuff about file size, dates, etc, but assume it's > > > the encryption info that's needed?) > > Yes, and also the listing of files. Does it show just one file? > Yes, just wallet.dat, once. Thanks as always Jasper
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.