+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Cracking password of a Zip file. (/thread-10806.html)
Cracking password of a Zip file. - NERFER 4 - 05-29-2022
I can't crack the password of a Zip archive. I used John the ripper to extract the hash from the Zip file, he extracted 2 of them but I don't know which hash mode to use on hashcat to find the password.
Could anyone help me? (If necessary, I can attach the file)
RE: Cracking password of a Zip file. - NERFER 4 - 05-29-2022
(05-29-2022, 09:17 AM)marc1n Wrote: PKZIP https://hashcat.net/wiki/doku.php?id=example_hashes
Thanks, but it doesn't work for me, my hash starts with $zip2$, so, according to the list you sent me, I should use 13600 (WinZip) hash mode, but if I try to proceed it gives me this error:
Oversized line detected! Truncated 55697304 bytes
Oversized line detected! Truncated 55697304 bytes
Hashfile 'h4.txt' on line 1 ($zip2$...c44df2ad47099b87457dfd7105b9c423): Separator unmatched
No hashes loaded.
In fact, my hash is much longer than the example one in the list you sent me.
If you want I can attach my hash file.
Thanks!
RE: Cracking password of a Zip file. - NERFER 4 - 05-29-2022
(05-29-2022, 03:46 PM)marc1n Wrote: Your zip version may not be supported by hashcat...
Hashcat is the world's fastest password cracker, can I crack my Zip archive password fast enough like on Hashcat using another program?
RE: Cracking password of a Zip file. - NERFER 4 - 05-29-2022
(05-29-2022, 06:15 PM)marc1n Wrote: Check without entering the mode if the hashcat detects your hash and gives you the mode to break
I have just tried it but it didn't find any mode that could crack the hash, it told me "Oversized line detected! Truncated 55697304 bytes" 459 times, then stopped.
RE: Cracking password of a Zip file. - NERFER 4 - 05-30-2022
(05-29-2022, 11:37 PM)marc1n Wrote: Use https://www.openwall.com/john/
I have tried, it tells me this:
Warning: invalid UTF-8 seen reading C:\Users\crist\Desktop\d.zip
oracle: Input file is not UTF-8. Please use --input-enc to specify a codepage.
Warning: only loading hashes of type "HMAC-SHA256", but also saw type "HMAC-SHA224"
Use the "--format=HMAC-SHA224" option to force loading hashes of that type instead
Error: UTF-16 BOM seen in input file.
RE: Cracking password of a Zip file. - Snoopy - 06-01-2022
i think your zip file is garbage, a plain zip file shouldnt have a BOM at the beginning
RE: Cracking password of a Zip file. - NERFER 4 - 06-02-2022
(06-01-2022, 11:51 AM)Snoopy Wrote: i think your zip file is garbage, a plain zip file shouldnt have a BOM at the beginning
So what can I do?
RE: Cracking password of a Zip file. - Snoopy - 06-03-2022
(06-02-2022, 01:35 PM)NERFER 4 Wrote:(06-01-2022, 11:51 AM)Snoopy Wrote: i think your zip file is garbage, a plain zip file shouldnt have a BOM at the beginning
So what can I do?
nothing?
2 possibilities, winzip changed something in their encryption procedure and zip2john fails to produce a proper hash or zip2john produces a proper hash but this new hashsize isnt (yet) supported by hashcat
RE: Cracking password of a Zip file. - NERFER 4 - 06-03-2022
(06-03-2022, 01:31 PM)Snoopy Wrote:(06-02-2022, 01:35 PM)NERFER 4 Wrote:(06-01-2022, 11:51 AM)Snoopy Wrote: i think your zip file is garbage, a plain zip file shouldnt have a BOM at the beginning
So what can I do?
nothing?
2 possibilities, winzip changed something in their encryption procedure and zip2john fails to produce a proper hash or zip2john produces a proper hash but this new hashsize isnt (yet) supported by hashcat
I think my zip file isn't compressed, in the archive info the compression ratio is 100%. Also I think the file is quite old.