I really need some help on Password Attacks | protected Archives.
I am unable to crack the file that I get from the zip2john file.
The process is very straight forward
zip2john notes.zip > zipnotes.hash
john --wordlist=/usr/share/wordlists/rockyou.txt zipnotes.hash
John does not crack this file, and what happens is that it goes through the whole worklist (rockyou) in 5 seconds. However, when i do not use the wordlist if works but does not crack the file.
I am also using hashcat with similar results. I am using mode 17210, 17220 and nothing. With no wordlist, similar to john, it goes through the cracking process but does not find anything.
this can help: download the resource file (up in the page in the right). Then you can create a file .list with the password of kira LoveYou1, then with hashcat you perform permutations with the .list file containing only the password and the custom.rule file (see the “password permutations” section). Then you can run hydra against the SSH service with user “kira” and the provided permuted password list.
DONE
it was a bit messy and not clear, I was supposing to use methods in the section but NO, I needed to use previous methods because the password for kira was not provided
hi guys, I am stuck here with
John answer me with
Enabling duplicate candidate password suppressor
0g 0:00:00:00 DONE (2023-09-15 16:51) 0g/s 2081Kp/s 2081Kc/s 2081KC/s loveyou192!oi…ovey
Session completed.
I used mutated list as well
nothing works
I tried 2 different version of John
and hashcat- m 17200-17300
could someone help me?
thanks
I have same problem which wordlist to use to crack this Kira’s zip file, i tried mutated usernames list and mut_passwords.list also only passwords.list
Where did you see/find that this was Kira’s password? I don’t see it anywhere in the modules or the password.list file. I see LoveYou1 is in the rockyou.txt files, but mutating that and then using it would take ages lol
From other hosts on the network, our colleagues were able to identify the user “Kira”, who in most cases had SSH access to other systems with the password “LoveYou1”.
Hey guys, the machine says that Notes.zip is located in root/Notes.zip. So I logged in as root, but when I move to the root directory Notes.zip is nowhere to be found. Even when I try ls -la to see hidden files it’s not there. Does anybody know how to get the Notes.zip file?
Can i ask how you got the file to run john against it? I’ve been trying to move it over to my machine via scp (times out), no python on host so cant spin up a python server, password protected so i cant just copy the contents and paste into my kali box. no NC on the machine either. I’m at a lost.
Can someone please tell me kiras password. Tried mutating LoveYou1 and still not availe. “Use the cracked password of the user Kira and log in to the host and crack the “id_rsa” SSH key. Then, submit the password for the SSH key as the answer.”
I saw a couple people saying it was an answer for a previous section, this is false. I do recall mutating LoveYou1 at somepoint, but it was not the answer to a quesiton.
