Date: Tue, 29 Dec 2020 23:21:06 +0100
From: Solar Designer <solar@...nwall.com>
To: Jeff Johnson <echo5juliet@...il.com>
Cc: john-users@...ts.openwall.com
Subject: Re: use data from known password zipfile created by the same machine/user?

Hello Jeff,

On Mon, Dec 28, 2020 at 06:03:53PM -0800, Jeff Johnson wrote:
> I have two zip files I created on the same machine. One password I know,
> the other I have lost. I have created zip2john hash files for both zip
> files. File1.zip I know the password for. File2.zip I don't.
> 
> Is it possible to gather any kind of hash result or salt from processing
> the File1.zip file that will aid jtr in figuring out File2.zip easier?

It depends.  If both are PKZIP archives, were created in a similar way,
and contain similar data, then you might be able to exploit PKZIP's
vulnerability to a known plaintext attack.  The tool to use is bkcrack:

https://github.com/kimci86/bkcrack

This is tricky to do and it does not always succeed (as you might not
correctly guess enough data the way it looks post-compression), but now
there are some writeups/tutorials:

https://ctftime.org/writeup/15072
https://www.programmersought.com/article/13436370754/
https://blog.devolutions.net/2020/08/why-you-should-never-use-zipcrypto

If successful, you'll be able to recover your encrypted data without
ever needing or finding out the unknown password.

Now to uses of JtR:

> File1.zip password is very similar to: 1Jump.H1gh3r
> It's highly likely I used similar kinds of letter replacement for File2.zip
> 
> I tried:
> ./john File2.hash
> and
> ./john --wordlist=rockyou.txt --rules:All File2.hash

This is a good start, but as you've found out now you need to customize
the attack.  Robert suggested you use Crunch, but there's no reason to:
JtR has that functionality built-in.  If you think you know the password
pattern, you can use mask mode, e.g.:

./john -2='?l?u?d' --mask='?u?l?l?l.?u?2?2?2?2?2' File2.hash

If you think the password is at a small edit distance from 1Jump.H1gh3r,
you can put that known password in a wordlist file and run substitutions
against it, e.g.:

echo '1Jump.H1gh3r' > w
./john -w=w --rules=oi File2.hash
./john -w=w --rules=oi --rules-stack=oi File2.hash

This also works with other rulesets.

As to "similar kinds of letter replacement", you can try the pre-defined
Leet external mode, e.g.:

./john -w=rockyou.txt --external=leet File2.hash

The rules you already ran also try such substitutions, but the external
mode tries some more.

I notice 1Jump.H1gh3r is based on two words.  So you might want to take
short lists of common English words and combine them into pairs before
applying rules.  You can use wordlists and Perl scripts mentioned here:

https://www.openwall.com/lists/john-users/2018/08/31/3
https://www.openwall.com/lists/john-users/2020/07/22/3
https://www.openwall.com/lists/john-users/2020/07/22/4

To have JtR itself combine words, you can use PRINCE mode, e.g.:

./john --prince=top3000eng File2.hash
./john --prince=top3000eng --rules=oi File2.hash

You can also do something like:

./john -w=top3000eng --rules=jumbo --stdout | ./unique top3kj
./john --prince=top3kj File2.hash

Indeed, you can also combine the above approaches, and will probably
need to do so.

For testing, you might want to see which of these commands would have
cracked your known 1Jump.H1gh3r password.  For near-misses, adjust the
commands to hit that one password.  Then you'll probably have a better
chance to crack your unknown password as well.

I hope this helps.

Alexander

P.S. You don't appear to be subscribed to the list (unless possibly
under another address).  If so, you might want to subscribe so that you
don't miss a reply and can participate in discussions.
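Added example (not part of the message above, and not JtR's own mask, rules
or external-mode code): a small offline re-implementation of three of the
ideas in the reply, so that a planned attack can be dry-run against the
known password "1Jump.H1gh3r" before spending time on the unknown one. It
covers a JtR-style mask with ?l ?u ?d and numbered custom placeholders
(the -2='?l?u?d' idea) with a keyspace count and a match check, a leet
substitution table, and edit-distance-1 neighbours by overstrike and insert.
Assumptions: the leet table is the example's own and not the one in JtR's
Leet external mode; the neighbour generator only approximates what a
substitution ruleset such as oi does and does not reproduce john.conf; mask
syntax beyond ?l ?u ?d, ?1..?9 and literal ?? is not handled.

```python
"""Dry-run of candidate-generation ideas against a known password.

Added example, not JtR code. Simplified re-implementation of a JtR-style
mask (?l ?u ?d plus -1..-9 custom placeholders), a leet table (assumed,
not JtR's Leet external mode) and edit-distance-1 neighbours (an
approximation of a substitution ruleset, not the oi rules in john.conf).
"""
from itertools import product
import string

BUILTIN = {
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
    "d": string.digits,
}
PRINTABLE = string.ascii_letters + string.digits + string.punctuation

# Assumed leet table (this example's own, not JtR's): replacement characters.
LEET = {"a": "4@", "e": "3", "i": "1!", "o": "0", "s": "5$", "t": "7"}


def charset(spec, custom):
    """Expand a charset spec such as '?l?u?d' or 'ab?d' into one string.

    `custom` maps '1'..'9' to specs, mirroring john's -1= ... -9= options.
    '??' is a literal question mark. Duplicates are removed, order is kept.
    """
    chars, i = [], 0
    while i < len(spec):
        if spec[i] == "?" and i + 1 < len(spec):
            key = spec[i + 1]
            if key == "?":
                chars.append("?")
            elif key in BUILTIN:
                chars.append(BUILTIN[key])
            elif key in custom:
                # Drop the key while recursing so '?2' inside custom['2'] cannot loop.
                rest = {k: v for k, v in custom.items() if k != key}
                chars.append(charset(custom[key], rest))
            else:
                raise ValueError(f"unknown placeholder ?{key}")
            i += 2
        else:
            chars.append(spec[i])
            i += 1
    return "".join(dict.fromkeys("".join(chars)))


def parse_mask(mask, custom=None):
    """Split a mask such as '?u?l?l?l.?u?2?2' into one charset per position."""
    custom = custom or {}
    positions, i = [], 0
    while i < len(mask):
        if mask[i] == "?" and i + 1 < len(mask):
            positions.append(charset(mask[i:i + 2], custom))
            i += 2
        else:
            positions.append(mask[i])  # literal character, e.g. the '.'
            i += 1
    return positions


def keyspace(mask, custom=None):
    """Number of candidates the mask generates (product of per-position sizes)."""
    n = 1
    for cs in parse_mask(mask, custom):
        n *= len(cs)
    return n


def mask_matches(password, mask, custom=None):
    """True if running this mask would enumerate `password` at some point."""
    positions = parse_mask(mask, custom)
    return len(password) == len(positions) and all(
        c in cs for c, cs in zip(password, positions))


def mask_candidates(mask, custom=None):
    """Enumerate every candidate; only sane for small keyspaces."""
    for combo in product(*parse_mask(mask, custom)):
        yield "".join(combo)


def leet_variants(word):
    """Every combination of keeping a character or leet-replacing it."""
    options = [(c,) + tuple(LEET.get(c.lower(), "")) for c in word]
    for combo in product(*options):
        yield "".join(combo)


def edit_neighbours(word, alphabet=PRINTABLE):
    """All strings at edit distance 1 from `word` via overstrike or insert."""
    out = set()
    for i in range(len(word)):
        for c in alphabet:
            out.add(word[:i] + c + word[i + 1:])   # overstrike position i
    for i in range(len(word) + 1):
        for c in alphabet:
            out.add(word[:i] + c + word[i:])       # insert before position i
    out.discard(word)
    return out


def dry_run(known):
    """Which of the planned attacks would have hit `known`? Keyed by attack name."""
    custom = {"2": "?l?u?d"}
    posted = "?u?l?l?l.?u?2?2?2?2?2"       # the mask from the reply
    return {
        "mask as posted": mask_matches(known, posted, custom),
        "mask with leading ?d": mask_matches(known, "?d" + posted, custom),
        "leet of 'Jump.Higher' + '1' prefix":
            known in {"1" + v for v in leet_variants("Jump.Higher")},
        "one edit from 'Jump.H1gh3r'": known in edit_neighbours("Jump.H1gh3r"),
    }


if __name__ == "__main__":
    custom = {"2": "?l?u?d"}
    print(f"keyspace of posted mask: {keyspace('?u?l?l?l.?u?2?2?2?2?2', custom):,}")
    for attack, hit in dry_run("1Jump.H1gh3r").items():
        print(f"{'HIT ' if hit else 'miss'}  {attack}")
```

Run as-is and the dry run shows that the mask exactly as posted is one
position short for "1Jump.H1gh3r" (it does enumerate "Jump.H1gh3r"), that
prefixing "?d" fixes it at the cost of a 10x larger keyspace, and that both
the leet-plus-prefix path from "Jump.Higher" and a single insert from
"Jump.H1gh3r" reach the known password. That is the near-miss adjustment
the message recommends, done before touching File2.hash.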
