Possibility of zip archive password cracking?
#1
I've been searching for some time now for a zip (standard, not aes) compatible password recovery program that takes advantage of modern, multi-core systems and, even better, the latest generation of GPUs (Nvidia in my case, so CUDA). Unfortunately, though I've gone through dozens and dozens of programs, both cutting edge and years old, none seem to fit this criteria - either they are so old they aren't even multithreaded (let alone make use of GPUs) or they simply don't support zip at all. This last has definitely been the most common, as 9 out of 10 programs I run across that use GPUs, for instance, are either a SHA1/MD5/MD4 hash cracker to the exclusion of formats such as zip/rar or are dedicated solely to rar (such as crark, rargpu, etc).

I have yet to find a single program, in fact, that appears leverage GPUs for cracking standard zip files - there is ONE GPU program, called Accent Zip Password Recovery, but it only handles AES zip files. My problem is that I have a single passworded zip from many, many years ago that I, in my security-conscious insanity, protected with some fairly large character-count key - which I have long since forgotten. I would definitely like to be able to access this file and have tried a number of standard cpu-based password recovery packages, including Advanced Archive Password Recovery from Elcomsoft, but they are simply not fast enough to access this file in a reasonable amount of time - even the best don't seem significantly multithreaded, for instance.

So, after running across oclhashcat today and finding it to be well endowed in both the multithreading and GPU-use areas, I decided to do a quick check on the forums to see if anyone had asked about possible zip cracking. I found one post in a feature request thread from about 4 months ago mentioning zip files, but no real response to it.

So my question is the following - is this a feature that could possibly be added to oclhashcat, being able to leverage its power toward breaking the encryption on standard, non-aes zip files (all types would be best, of course, but my interest is in the older, pre Winzip 9 ones with no AES)? Or is there some technical reason why the hash crackers like oclhashcat never seem to support compressed archives like zip or rar files?

Thanks for your time.
#2
i dont know if there are any technical reasons for not adding zip or aes to gpgpu based cracking. i never looked into them. hc and oclhc are made for competition and these competitions usually base on md4, md5 or sha1. thats why i will not add aes or zip or rar.
#3
Yeah!
There are already quite many very good highspeed rar or zip crackers!
Like ElcomSoft Distributed Password Recovery!
Look for it!
#4
(10-26-2010, 09:48 AM)atom Wrote: i dont know if there are any technical reasons for not adding zip or aes to gpgpu based cracking. i never looked into them. hc and oclhc are made for competition and these competitions usually base on md4, md5 or sha1. thats why i will not add aes or zip or rar.

Thanks for the info. I was unaware that hashcat was being developed solely for competition - just thought it was a general purpose "password recovery" suite, like the the web page info indicates. I apologize for the misunderstanding, in any case, and would not have asked at all if there hadn't been a distinct feature request forum where someone had already mentioned zip support previously.

(10-26-2010, 03:31 PM)budden7 Wrote: http://www.passwordrecoverytools.com/winzip-aes.asp

Thank you for the site, but I pointed out that program (Accent Zip Password Recovery) in my original post and noted there that it only supports AES-based zip encryption, which was winzip 9.0 and later - I was looking for winzip 8 and older, without the AES.

(10-26-2010, 10:48 PM)Rabbitz Wrote: Yeah!
There are already quite many very good highspeed rar or zip crackers!
Like ElcomSoft Distributed Password Recovery!
Look for it!

As I mentioned in my original post, I have already tried every available traditional cracking method, including those available from Elcomsoft. The problem is that none of them heavily support multithreading, let alone GPUs, for zip files, which seriously limits their speed. The only one that DOES support GPUs, the Accent one mentioned above, is only for AES zip files.

The one product you mention, the Distributed Password Recovery package from Elcomsoft, does seem to be quite fast, using up to 64 cores as well as GPUs, but unfortunately it does not support zip files at all. You can check the full files support list at the end of the page for it.
#5
Oh, sorry!
Then look for latest Elcomsoft Zip Cracker!
But you have to buy it!
There is no crack or patch for it!
#6
(10-27-2010, 11:32 PM)pablo Wrote: http://www.parallelrecovery.com/zip-password.html

Wow, it looks like that was just released YESTERDAY - thanks for the heads up, definitely going to look into it.
#7
(10-26-2010, 09:48 AM)atom Wrote: i dont know if there are any technical reasons for not adding zip or aes to gpgpu based cracking. i never looked into them. hc and oclhc are made for competition and these competitions usually base on md4, md5 or sha1. thats why i will not add aes or zip or rar.

I attach AES cuda source from OpenSSL for inspiration...
For future competition AES implementation is good idea.
#8
(10-26-2010, 09:48 AM)atom Wrote: hc and oclhc are made for competition and these competitions usually base on md4, md5 or sha1. thats why i will not add aes or zip or rar.

Now we have hashcatplus I wonder if you would consider zip and rar ? It would be a very nice addition !

Also support for Truecrypt volumes would be fantastic ! Smile
#9
no plans on that, sorry.
#10
OK, I understand. I had to ask as I believe it would be very popular.

Please bear them in mind though and if you ever get bored or just feel like it please consider them again.

Smile

Thank you.