10-11-2021, 08:23 PM
Ya, unfortunately none of the JTR modules seem to be pulling out any hashes for me. I was hopeful that it might be able to pull out something that I would be able to attack with some manipulation of the original archive but unfortunately, no joy.
As per their documentation:
"PeaZip's native .pea file format, supporting AES, Serpent and Twofish (128 and 256 bit) EAX-mode authenticated encryption, enforcing cryptographically strong data secrecy and verifiable autenticity. Also, PEA format can use cascaded AES, Serpent and Twofish - all the data will be encrypted and authenticated by all the trhree cyphers."
https://peazip.github.io/encrypt-files.html
Unfortunately I just don't know enough to even start looking for where any of these would be located in the file. I guess the secondary problem, as you stated, would be if Hashcat could even deal with a 3 tiered system as outlined in the quote above...
As per their documentation:
"PeaZip's native .pea file format, supporting AES, Serpent and Twofish (128 and 256 bit) EAX-mode authenticated encryption, enforcing cryptographically strong data secrecy and verifiable autenticity. Also, PEA format can use cascaded AES, Serpent and Twofish - all the data will be encrypted and authenticated by all the trhree cyphers."
https://peazip.github.io/encrypt-files.html
Unfortunately I just don't know enough to even start looking for where any of these would be located in the file. I guess the secondary problem, as you stated, would be if Hashcat could even deal with a 3 tiered system as outlined in the quote above...