New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
7z2john.py: Support "multiple unpacksizes" #335
Comments
@magnumripper can you please paste the resultant "hash" (contents of test.in) ? |
Oh, I did not realize one was produced. Actually in this case (at least) this resulting hash does get cracked.
This should also use Base64! |
You got lucky this time ;). Maybe I should detect if the format will work and produce hash / warning accordingly. |
What is the problem if/when it does not work? Can it happen at all when using header encryption? |
If packsizes[idx] is equal (or almost equal) to folder.unpacksizes[idx] and there are multiple unpacksizes involved, then we don't have enough padding margin to detect if decryption was successful (hence we should print a warning). If packsizes[idx] is equal (or almost equal) to folder.unpacksizes[idx] and if len(unpacksizes) == 1, then the CRC check should suffice. |
JtR will continue cracking (without any success) for ever. |
Maybe I misunderstand something but from what I can see in the format, the only thing that would happen is the risk of false positives increases (with a margin of 8 it should be really slim). It would not be a false negative. |
If packsizes[idx] is equal (or almost equal) to folder.unpacksizes[idx] and there are multiple unpacksizes involved, then we don't have enough padding margin to detect if decryption was successful (hence we should print a warning) AND the CRC check would also not work in this particular case. Effectively we won't we able to "crack" the archive even if we know the password, i.e. a false negative. (hopefully I have done a better job of explaining stuff this time) |
The CRC check fails since we only decrypt single stream (other streams are compressed ones) and the CRC is for those multiple streams. |
OK, I see. I seem to get a 'margin' of 14 with my test case. That's plenty. |
Currently no but the (pending) folder check stuff should solve these problems. |
https://github.com/philsmd/7z2hashcat should be helpful :) |
Yes, I'm planning to test it once I get a round tuit. |
Closing this in favor of #2314 |
To reproduce:
The text was updated successfully, but these errors were encountered: