Posts: 3
Threads: 1
Joined: Jan 2020
01-14-2020, 03:21 PM
(This post was last modified: 01-14-2020, 03:32 PM by philsmd.)
Hello,
I want to understand how to create a valid PKZIP master key for the mode 20500 or 20510 from this hash generated from zip2john:
Code:
test.zip:$pkzip2$1*1*2*0*XXX*$/pkzip2$:::::test.zip
I need to know how to do it. I have tried with the explanations from the PDF ICISSP_2019_45.pdf but I can't get something functional, and because the mode 17200 is not compatible with my AMD GPUs.
Thank you for your help.
Posts: 2,267
Threads: 16
Joined: Feb 2013
01-14-2020, 03:36 PM
(This post was last modified: 01-14-2020, 03:45 PM by philsmd.)
do not post hashes in this forum, see https://hashcat.net/forum/announcement-2.html
The example hashes are here: https://hashcat.net/wiki/example_hashes (hint: they do not have any file names etc, neither at the beginning, nor at the end etc... try the example hashes first)
I think https://github.com/kimci86/bkcrack is able to recover the master key which you can use afterwards for the hashcat hash types (20500/20510).
some explanations are here: www.insticc.org/Primoris/Resources/PaperPdf.ashx?idPaper=73605
also see: https://twitter.com/hashcat/status/1129441728761610242 and https://github.com/hashcat/hashcat/issue...-493662448
It's always kind of bad to solve a problem by not trying to solve it (i.e. instead of using modern hardware, even a modern Intel/AMD CPU would probably work for testing, you just try to bypass/workaround the main problem).
Posts: 3
Threads: 1
Joined: Jan 2020
01-14-2020, 03:47 PM
(This post was last modified: 01-14-2020, 03:50 PM by JinK.)
Thanks, but actually I want to understand how it works, to test with my own files instead of using only examples.
Also, the main problem of the AMD GPU compatibility is the deflate module, which makes them get stuck on buffering the fronted part at the beginning, and unfortunately I don't know how to fix/bypass this problem. Like I said, I have already read the PDF explanations; the document explains how to get the master key from the hash generated by the zip2john tool and I can't get something that works, that's why I posted in the "support" category to get help.
About the hashes posted, I know; I have posted a hash that is not important, to show a valid example.
But thank you anyway.
Cordially.
Posts: 2,267
Threads: 16
Joined: Feb 2013
you do not use the output of zip2john at all for -m 20500 or -m 20510.
you just use the key that bkcrack will give you if you have succeeded with a known plaintext attack
Posts: 3
Threads: 1
Joined: Jan 2020
(01-14-2020, 03:51 PM)philsmd Wrote: you do not use the output of zip2john at all for -m 20500 or -m 20510.
you just use the key that bkcrack will give you if you have succeeded with a known plaintext attack
Ok thank you very much, I hope to see the mode 17200 fixed too in the future