hashcat Forum

Full Version: 7z2hashcat
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3
Since some users already keep asking me for the release of 7z2hashcat which I did announce here ( https://hashcat.net/forum/thread-4320-po...l#pid24661 ), I decided now to publish it on github:
https://github.com/philsmd/7z2hashcat

It is a tool which is able to extract the "hash" information from a .7z file such that it can be loaded with -m 11600 = 7-Zip mode of oclHashcat.

This is still in testing phase but I was able to use it successfully on very many encrypted .7z files (also with files where the file header is non-encrypted and other special cases, e.g. if the header is compressed to reduce file size).

Please do not hesitate to report issues (or push fixes / new features) on github or just let me know if you find it useful.

Note: there are some very rare files which can't be cracked by oclHashcat (and hence also 7z2hashcat.pl can't convert them): if the header is non-encrypted *and* some properties on pack size vs unpack size aren't satisfied. But you will see an explanation messages if this is the case
something's wrong?

./7z2hashcat.pl test.7z
Exiting subroutine via next at ./7z2hashcat.pl line 706.

file test.7z
test.7z: 7-zip archive data, version 0.2
Thanks for the report. I did fix it here: https://github.com/philsmd/7z2hashcat/co...526876209d

But I am unsure why it enters that specific section in your case (e.g. the 7z parsing didn't find any coder?!).
Maybe you can try to test newest version and if still not working (e.g. no output or error) try to troubleshoot it.
Without having that specific .7z file I can't really debug it

Thanks
Hi,

new version gave me no output....
here is my test file -> http://uloz.to/xD6qPZbD/test-txt-7z
version of used 7z is 4.31 (pretty old...)
Thank you for this useful tool philsmd Smile
Thanx again philsmd
What is the target size of the file?
One .7z resulted in a 355 Byte File, one in a 98 Bytes File?
There is no fixed size for the output of 7z2hashcat.pl. There are just some upper and lower length limits (i.e. the minimum info/bytes required and the maximum number of bytes of the blob that oclHashcat could verify *on GPU*).
It depends on many factors, such as if the file has encrypted header (file list), how many files there are within the .7z file, if checksum/crc32 check is possible or not (this is not always the case and furthermore is prone to collisions)...
The details can be checked by looking at the source code of 7z2hashcat.pl or (even better but also more "complicated") at the .7z file format description.
In short: there is no such thing like "target size of the output of 7z2hashcat.pl" because oclHashcat must have "just enough" information to be able to verify the data given a password candidate.
I have a very large password protected 7zip file (29GB). Whilst trying to save my information to my new computer, I forgot my password to my 7zip file (what's not new).

So I thought I'd try cudahashcat for a change to attempt to recover the password. I launched 7z2hashcat to get the output hash but I got a message that says:

Wide character in Compress::Raw::Lzma:: Decoder::code input parameter at 7z2hashcat.pl line 585.

I tried to run a test encrypted 7zip file with a small size and successfully got the hash, so I am guessing this large sized file could be the culprit. Any ideas people?

Thanks in advance.
Pages: 1 2 3