Hash $pkzip$1 not supported
#1
Hello everybody,
I'm Giuseppe,

I've been trying for several days to write a function to find the password of a zip file (model 17210).

The goal would be to use this character set:
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
0123456789
!#$%&()*-<=>?@_
Which is none other than the ASCII table deprived of some special character.

Also I would like to define some rules to speed up the workload on my nvidia 1070ti gpu.

In fact, I know for sure that:
1. At least one capital letter was used
2. at least one lowercase letter was used
3. At least one special character was used
4. the password is exactly 8 characters

Ideally, if feasible, I would like to define an .hcmask file to call but I'm not sure how to write the rules.

In general I am trying to call the following function:

C:\cygwin64\home\Giuseppe\hashcat\hashcat.exe -d 3 -w 3 -m 17210 -a 3 "C:\Users\Giuseppe\Music\demo-hash.txt" -i --increment-min 8 --increment-max 8 -1 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ?1?1?1?1?1?1?1?1

Needless to say, I'm not getting any results.


It is also not clear to me which device is more convenient to recall.
This is the result of the call:

PS C:\cygwin64\home\Giuseppe\hashcat> C:\cygwin64\home\Giuseppe\hashcat\hashcat.exe -d 3 -w 3 -m 17210 -a 3 "C:\Users\Giuseppe\Music\demo-hash.txt" -i --increment-min 7 --increment-max 8 -1 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 ?1?1?1?1?1?1?1?1
hashcat (v6.2.2-149-g141b59b80) starting

CUDA API (CUDA 11.4)
====================
* Device #1: NVIDIA GeForce GTX 1070 Ti, skipped

OpenCL API (OpenCL 3.0 CUDA 11.4.56) - Platform #1 [NVIDIA Corporation]
=======================================================================
* Device #2: NVIDIA GeForce GTX 1070 Ti, skipped

OpenCL API (OpenCL 1.2 ) - Platform #2 [Intel(R) Corporation]
=============================================================
* Device #3: Intel(R) HD Graphics 4600, 1565/1629 MB (407 MB allocatable), 20MCU
* Device #4: Intel(R) Core(TM) i5-4460  CPU @ 3.20GHz, skipped

Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256

Counted lines in C:\Users\Giuseppe\Music\demo-hash.txt

I hope for your help,
Thanks a lot in advance,
Giuseppe
Reply
#2
can you explain the actual problem in more detail ?

do you think hashcat (or your devices) are not working at all or is the problem "just" that you think you are testing the wrong password candidates (or wrong character set + mask etc).

From your output it's not clear if hashcat finished or what is going on.

how did you generate demo-hash.txt ?


Did you try to see if everything is working with your specific setup (hardware, hashcat version, operating system etc) when trying to crack an example hash with known/easy password ?

Please explain in more detail, because it's not clear to me if you are just confused about how charsets are defined (e.g. see .hcchr file, this has nothing to do with "rules" and also not directly to do with hcmask files, it's a charset file or defined directly in the command line as your example above) or if you have some more serious problems with your setup/hardware/installation.
Reply
#3
(07-19-2021, 10:29 AM)philsmd Wrote: can you explain the actual problem in more detail ?

do you think hashcat (or your devices) are not working at all or is the problem "just" that you think you are testing the wrong password candidates (or wrong character set + mask etc).

From your output it's not clear if hashcat finished or what is going on.

how did you generate demo-hash.txt ?


Did you try to see if everything is working with your specific setup (hardware, hashcat version, operating system etc) when trying to crack an example hash with known/easy password ?

Please explain in more detail, because it's not clear to me if you are just confused about how charsets are defined (e.g. see .hcchr file, this has nothing to do with "rules" and also not directly to do with hcmask files, it's a charset file or defined directly in the command line as your example above) or if you have some more serious problems with your setup/hardware/installation.

The problem is that with this hash, hashcat stops for no reason even before it starts looking for the password.
I am quite convinced that the mistake is mine and not in the machine.

Hashcat should work fine because trying other hashes I generated everything worked fine.

To get the demo-hash.txt file I used zip2john as I did with other test files which were successful.

The version of hashcat I use should be the latest having cloned directly with git as per the guide on the site.

My goal is to look for the password with the rules above, charged to my 1070ti, can you tell me if that command is correct or how it should be written?
Reply
#4
first remove the -d 3, hashcat will use GPU by default, -d 3 tells hashcat to just use your
Device #3: Intel(R) HD Graphics 4600, 1565/1629 MB (407 MB allocatable), 20MCU, skipping your "real gpus"

second, hashcat has build-in charsets, so please just use -1 ?l?u?d ?1?1?1?1?1?1?1?1

third, is your demo-hash formatted like in examples hashes?
https://hashcat.net/wiki/doku.php?id=example_hashes

you can try adding the demo hash provided there into your file
Reply
#5
(07-19-2021, 01:08 PM)Snoopy Wrote: first remove the -d 3, hashcat will use GPU by default, -d 3 tells hashcat to just use your
Device #3: Intel(R) HD Graphics 4600, 1565/1629 MB (407 MB allocatable), 20MCU, skipping your "real gpus"

Okay, I removed it

(07-19-2021, 01:08 PM)Snoopy Wrote: second, hashcat has build-in charsets, so please just use -1 ?l?u?d ?1?1?1?1?1?1?1?1

Yes, definitely better. But if you read the first post above, I also need to insert some special characters. How can i add only some special characters without having errors like "Invalid argument"? (e.g. about "{" ).

(07-19-2021, 01:08 PM)Snoopy Wrote: third, is your demo-hash formatted like in examples hashes?
https://hashcat.net/wiki/doku.php?id=example_hashes


you can try adding the demo hash provided there into your file

I'm sure the demo-hash.txt file is correct.
Find the file and details here:
https://github.com/openwall/john/issues/4768
Reply
#6
instead of giving the mask inside a command line you can use a mask-file

inside a mask-file you can specify up to 4 charsets like on command line, charsets are divided by a comma so

mask.txt
?l?u?d},?1?1?1?1?1?1?1?1
would generate lower upper digits and }
be aware of the comma and ?2
?l?u?d,},?1?1?1?1?1?1?1?2
would generate passwords with lower upper digits and a } appended

your given file is 2 megabytes for just one hash, exactly 2.2990.797 chars, im pretty sure this cant be right, and a quick look the output line for the hash starts with
$pkzip$1
but all example hashes starts with
$pkzip2$1

so i think the output is somehow malformed
Reply
#7
(07-19-2021, 02:48 PM)Snoopy Wrote: instead of giving the mask inside a command line you can use a mask-file

inside a mask-file you can specify up to 4 charsets like on command line, charsets are divided by a comma so

mask.txt
?l?u?d},?1?1?1?1?1?1?1?1
would generate lower upper digits and }
be aware of the comma and ?2
?l?u?d,},?1?1?1?1?1?1?1?2
would generate passwords with lower upper digits and a } appended

As I said I need to use the following characters:

abcdefghijklmnopqrstuvwxyz (lower)
ABCDEFGHIJKLMNOPQRSTUVWXYZ (upper)
0123456789 (number)
!#$%&()*-<=>?@_ (some special characters)

Looking at how you wrote yours, it should be correct to write it like this, do you confirm?

mask.txt
?l?u?d?!#$%&()*-<=>?@_,?1?1?1?1?1?1?1?1


(07-19-2021, 02:48 PM)Snoopy Wrote: your given file is 2 megabytes for just one hash, exactly 2.2990.797 chars, im pretty sure this cant be right, and a quick look the output line for the hash starts with
$pkzip$1
but all example hashes starts with
$pkzip2$1

so i think the output is somehow malformed

It is strange that one of the main developers of the john the ripper project was wrong to hash a zip file.
However I understand what you mean, could you tell me why this happens?

You always find the file at that link, can you be kind enough to try to generate your hash?

Thanks for your time
Reply
#8
(07-19-2021, 03:27 PM)Hollerith98T Wrote: As I said I need to use the following characters:

abcdefghijklmnopqrstuvwxyz (lower)
ABCDEFGHIJKLMNOPQRSTUVWXYZ (upper)
0123456789 (number)
!#$%&()*-<=>?@_ (some special characters)

Looking at how you wrote yours, it should be correct to write it like this, do you confirm?

mask.txt
?l?u?d?!#$%&()*-<=>?@_,?1?1?1?1?1?1?1?1

yeah with just one small "mistake", it has to be a double ? if you want to use ? literally, so
?l?u?d??!#$%&()*-<=>?@_,?1?1?1?1?1?1?1?1

for the provided demo.zip i got the same hashline like the developer, so i just think zip2john with given file is just incompatible with hashcat
Reply
#9
(07-19-2021, 03:51 PM)Snoopy Wrote: for the provided demo.zip i got the same hashline like the developer, so i just think zip2john with given file is just incompatible with hashcat

So how do I do it?
Reply
#10
i think you have to use JtR for this particular file/hash
Reply