Password Attacks | protected Archives zip2john

Hey y’all,

I really need some help on Password Attacks | protected Archives.

I am unable to crack the file that I get from the zip2john file.
The process is very straight forward

  1. zip2john notes.zip > zipnotes.hash
  2. john --wordlist=/usr/share/wordlists/rockyou.txt zipnotes.hash

John does not crack this file, and what happens is that it goes through the whole worklist (rockyou) in 5 seconds. However, when i do not use the wordlist if works but does not crack the file.
I am also using hashcat with similar results. I am using mode 17210, 17220 and nothing. With no wordlist, similar to john, it goes through the cracking process but does not find anything.

Any help would be appreciated.

1 Like

Why do you want to crack the file with rockyou.txt?
You got a list in the module.

2 Likes

Hey, thanks for replying.
So the wordlist from the module does not work for me. Unless you are giving a hint :wink:

1 Like

I have sent you a DM

2 Likes

The wordlist from the module is the one you need to use, but first, you have to do something to it.

Hey,
I have a question. Where from should we get the cracked password of the user Kira?

I have the same problem too

this can help: download the resource file (up in the page in the right). Then you can create a file .list with the password of kira LoveYou1, then with hashcat you perform permutations with the .list file containing only the password and the custom.rule file (see the “password permutations” section). Then you can run hydra against the SSH service with user “kira” and the provided permuted password list.
DONE
it was a bit messy and not clear, I was supposing to use methods in the section but NO, I needed to use previous methods because the password for kira was not provided

Hi simotone97,

Many thanks for tips.
Very helpfull.

hi guys, I am stuck here with
John answer me with
Enabling duplicate candidate password suppressor
0g 0:00:00:00 DONE (2023-09-15 16:51) 0g/s 2081Kp/s 2081Kc/s 2081KC/s loveyou192!oi…ovey
Session completed.
I used mutated list as well
nothing works
I tried 2 different version of John
and hashcat- m 17200-17300
could someone help me?
thanks

I have same problem which wordlist to use to crack this Kira’s zip file, i tried mutated usernames list and mut_passwords.list also only passwords.list

You should sumbitted this password as the answer in previous sections

u need to download PW-Attacks.zip from Resources and create new mutated list from password.list

2 Likes