Signature unmatched, no hashes loaded.
#1
I'm a beginner with coding so please excuse my ignorance. I'm trying to crack an axcrypt encrypted file using axcrypt2john.py, and I managed to get a hash which I'm not sure is correct yet, when I run it in hashcat using the code: hashcat -m 13200 -a 3 -2 ?1?d - - increment - w 3 hash.txt ?2?2?2?2?2?2?2?2 
I initially get the message: Unstable OpenCL driver detected

This OpenCL driver has been marked as likely to fail kernal compilation or to produce false negatives. You can use --force to override this, but do not report related errors. 

No devices found/left. 

When I use  --force along with the previous command, it gives:  Hashfile 'hash.txt' on line 1 (hash) : Signature unmatched no hashes loaded.

Can I ever crack this thing?

Edit: I've read the following thread on the same issue: https://hashcat.net/forum/thread-9291.html

I tried the example hashes for axcrypt as advised on that thread and it gives the same error. I also wonder how could it load when there's nothing encrypted with that hash? Surely I'm missing something lol.
Reply
#2
hashcat --help shows, that there are 4 different kinds of axcrpt modes

13200 | AxCrypt 1 | Archives
13300 | AxCrypt 1 in-memory SHA1 | Archives
23500 | AxCrypt 2 AES-128 | Archives
23600 | AxCrypt 2 AES-256 | Archives

Signature unmatched no hashes loaded. should/could mean it is not mode 13200

if you could make a test with an archive for yourself using a simple pass like 1234 and try to crack it after extracting with axcrypt2john.py and these 4 modes mentioned above, i would think its aes-128 or aes-256 by standard
Reply
#3
(03-18-2021, 05:45 PM)Snoopy Wrote: hashcat --help shows, that there are 4 different kinds of axcrpt modes

  13200 | AxCrypt 1                                        | Archives
  13300 | AxCrypt 1 in-memory SHA1                        | Archives
  23500 | AxCrypt 2 AES-128                                | Archives
  23600 | AxCrypt 2 AES-256                                | Archives

Signature unmatched no hashes loaded. should/could mean it is not mode 13200

if you could make a test with an archive for yourself using a simple pass like 1234 and try to crack it after extracting with axcrypt2john.py  and these 4 modes mentioned above, i would think its aes-128 or aes-256 by standard

thank you for the response. Unfortunately axcrypt only allows for a complicated password enrcyption and I tried creating one as simple as I could, and I tested it with all 4 of these modes but it gives the same error.
Reply
#4
can you post the stripped output of axcrypt2john.py? stripped to the first signature like this

$axcrypt$*1*10000*

maybe the axcrypt uses a new style of encryption which is not supported by john or hashcat.
Reply