New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AxCrypt v2.x not working? #4292
Comments
Could you post a file you CANNOT crack (and a hint for the correct password)? We need this to reproduce. |
Sure. The file uploaded on wetransfer or the MediaFire link. The hash I get using axcrypt2john:
The cleartext password:
|
Thanks. I can reproduce. For future reference, I realized that crackable and non-crackable have different costs. |
I apologise for the (probably) stupid question but what do you mean with that last sentence? |
It is not. Look at this line and compare it to the
In fact, could you try to create hashes using different iteration and test, please? |
Ok I see. Earlier, during previous tests I got different costs for all the non crackable
And this is the
Now I can see what you mean. Edit: I have tried various password length with different accounts, different files to encrypt and also tried to decrypt and re encrypt with different password the file |
Looks like the difference is the ciphers used: AES-128 vs AES-256 . philsmd has highlighted some interesting findings in a post at the hashcat forum. |
yeah, the only problem is that JTR doesn't support AES-128 for AxCrypt files (which is actually the default one for the free version as far as I can tell). In the forum post I also mentioned that it might or might not be possible to detect if the file uses AES-128 or AES-256 from the file metadata alone (it might be the case that you need to enter a password and the software simply tests both until one succeeds or both fail, this is just an assumption but the AxCrypt spec PDF file hints to it that the cipher is not known). the cost factor doesn't matter at all (well, only for how slow it is, but not if something is crackable or not)... my perl scripts from the forum post above should clearly show that the algorithms are different and therefore it's currently not cracking. If we would implement this in hashcat, we probably would add 2 separate hash types "AxCrypt 2 AES-128" and "AxCrypt 2 AES-256" and the user must select one (they should either know the algorithm itself, or at least if they used the paid version etc). Thx (and sorry for not posting here directly yesterday, I was in a hurry and only had time to complete that hashcat forum post) |
Hi there, today I was testing the axcrypt2-opencl format and notice that there might be some issues.
The hash is not cracked even knowing that the correct password is in the wordlist.
Extracting the hash:
Running it with John:
I also tried to remove the filename before the hash, nothing changed.
I can assure that the correct password is in the file
/tmp/axcrypt.txt
used as a wordlist; I double checked and I am able to decrypt it using the normal AxCrypt GUI and works even in a PC with no AxCrypt installed but using AxCryptBruteforcer, so the account is not logged in.Edit: I am able to crack the test.axx file; however that is the only one. Once I realised that, I tried to create multiple accounts with different passwords and I was not able to crack any of them.
Requested info:
The text was updated successfully, but these errors were encountered: