Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 02-23-2020, 09:30
eychei eychei is offline
Friend
 
Join Date: Mar 2018
Posts: 50
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 32
Thanks Rcvd at 7 Times in 7 Posts
eychei Reputation: 0
Question pkzip password

Hi everyone,

I am trying to brute-force a password for a zip file.
It is encypted with ZipCrypto Deflate.

Using John or Hashcat this will take for ever.
The zip file contains multiple files, good thing is that there is a xml file in there.
I am now trying to get the master key by using bkcrack.

First problem is I can not compile bkcrack. Does someone have a binary for windows?

Maybe someone does have a better solution for this zip file.

Hope someone can help.

-e
Reply With Quote
  #2  
Old 02-23-2020, 12:03
ketan ketan is offline
Friend
 
Join Date: Mar 2005
Posts: 94
Rept. Given: 0
Rept. Rcvd 11 Times in 4 Posts
Thanks Given: 4
Thanks Rcvd at 81 Times in 45 Posts
ketan Reputation: 11
Deflate is compression method.

Zip encryption may be classic or AES. Former gives much more chances.
Reply With Quote
The Following User Says Thank You to ketan For This Useful Post:
eychei (02-23-2020)
  #3  
Old 02-23-2020, 14:09
ionioni ionioni is offline
Friend
 
Join Date: Jul 2016
Location: https://t.me/ionioni
Posts: 43
Rept. Given: 0
Rept. Rcvd 3 Times in 3 Posts
Thanks Given: 35
Thanks Rcvd at 36 Times in 25 Posts
ionioni Reputation: 3
Quote:
Originally Posted by eychei View Post
I am trying to brute-force a password for a zip file.
It is encypted with ZipCrypto Deflate.
First problem is I can not compile bkcrack. Does someone have a binary for windows?
rbkcrack = bkcrack+zip64 file support, git link or binary for windows
Reply With Quote
  #4  
Old 02-23-2020, 18:25
eychei eychei is offline
Friend
 
Join Date: Mar 2018
Posts: 50
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 32
Thanks Rcvd at 7 Times in 7 Posts
eychei Reputation: 0
Ok trying rbkcrack will report.

Thx
Reply With Quote
  #5  
Old 02-24-2020, 00:10
eychei eychei is offline
Friend
 
Join Date: Mar 2018
Posts: 50
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 32
Thanks Rcvd at 7 Times in 7 Posts
eychei Reputation: 0
Its me again

I am hitting a wall here.

So I have a ZipCrypto Deflate XML file in a Zip. This XML file does start with a <?xml version="1.0" .

When using rbkcrack I can get a key buuuuttt this seems not to work for extrating the files. This is reasonable because the file is also compressed and my plaintext is not.

I compiled bkcrack and p7zip just to make sure. No change in the key.

So my problem is, how can I find the deflated plaintext for the XML file?
Can I just use the first 19 bytes and zip it with deflate and use the hex bytes for the attack? How can I find the exact compression method. Because changing anything (compression rate) will change the data.

-e
Reply With Quote
  #6  
Old 02-24-2020, 06:25
chants chants is online now
Family
 
Join Date: Jul 2016
Posts: 497
Rept. Given: 4
Rept. Rcvd 33 Times in 19 Posts
Thanks Given: 423
Thanks Rcvd at 766 Times in 355 Posts
chants Reputation: 33
On the github you can read example/tutorial.md. it answers this: https://github.com/Aloxaf/rbkcrack/blob/master/example/tutorial.md

So you need to check if the XML is stored or deflated. If its stored you can easily use your 12 bytes of plain text to crack it. If its deflated the attack is no longer practical and you are better off hunting the web for the full XML file. Also some XML files can have UTF byte markers or even non standard white space at the start, not all are clean xml. Something else to consider.
Reply With Quote
The Following 2 Users Say Thank You to chants For This Useful Post:
eychei (02-24-2020), niculaita (02-25-2020)
  #7  
Old 02-24-2020, 18:39
ionioni ionioni is offline
Friend
 
Join Date: Jul 2016
Location: https://t.me/ionioni
Posts: 43
Rept. Given: 0
Rept. Rcvd 3 Times in 3 Posts
Thanks Given: 35
Thanks Rcvd at 36 Times in 25 Posts
ionioni Reputation: 3
just in case you still wanna play with it, this is bkcrack binary for windows, compiled using the sources from git
Reply With Quote
The Following User Says Thank You to ionioni For This Useful Post:
eychei (02-24-2020)
  #8  
Old 02-24-2020, 18:48
eychei eychei is offline
Friend
 
Join Date: Mar 2018
Posts: 50
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 32
Thanks Rcvd at 7 Times in 7 Posts
eychei Reputation: 0
@chants
I did read the tutorial and unfortunately my file is deflated. I will try to search for some files in the net.

@ionioni
thanks for the compiled windows version. I did compile it in ubuntu but will use your windows version instead.
Reply With Quote
Reply

Tags
pkzip, zip, zipcrypto

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Best way to get a rar password? Rhodium General Discussion 4 01-27-2004 22:57


All times are GMT +8. The time now is 05:31.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2020 )