Recovered a 7z password with hashcat, but it's not the right one
#1
I am trying to recover a 7z file, but have forgotten the password. It's completely AES-256 encrypted (i.e. not even the filenames are available).

Steps:

Generated hash file with 7z2hashcat.pl

Ran a mask attack using
Code:
hashcat -a 3 -m 11600 my.hash masks\rockyou-7-2592000.hcmask

After ~55 hours, hashcat completed with statusĀ cracked

The password identified in the hashcat.potfile is rejected by 7-zip

I found a discussion on hash collisions with old Office files here: https://security.stackexchange.com/a/211924

Is 7zip similarly vulnerable to hash collisions?

I would just try the steps in the linked post and see if I could generate more passwords, but given it could tie up my GPU for weeks, I'd appreciate any thoughts!
Reply


Messages In This Thread
Recovered a 7z password with hashcat, but it's not the right one - by v01d - 08-28-2020, 06:00 PM