0

I Have lost my zip file password and I tried to recover it with Windows 10, using John the Ripper 1.9.0 Jumbo.

Things I know from this password:

  1. 9 to 11 characters
  2. Alphabetics A B E F and a b e f (pretty much sure)
  3. Digits 0 2 3 5 9
  4. Specials @ and %

Can somebody please put instruction what is the most fastest way recover this zip file?

Only thing that I have done is using JtR code like this:

zip2john filename.zip > hash.txt
john hash.txt
schroeder
  • 123,438
  • 55
  • 284
  • 319
John
  • 1
  • You have just dramatically reduced the search space for people interested in cracking, for instance, your stackexchange account password. – Jaap Joris Vens May 23 '20 at 19:34

1 Answers1

1

I would use Hashcat (since I know it better), you can download the binaries and run it on Windows using the command line.

First, you need to prepare the hash from the zip file for Hashcat, since you are using Windows, open the hash.txt file and copy everything after the first : symbol (excluding the symbol) and put it in another file call it hash2.txt for example.

Then run Hashcat, using the command line navigate to the directory where you downloaded Hashcat and run this :

hashcat64.exe -a 3 -m 13600 hash2.txt -1 abef -2 ABEF -3 02359 -4 @% ?a?a?a?a?a?a?a?a?a?a?a  -i --increment-min=8

This would take a very long time though (maybe years) to try all possible combination of the characters you mentioned for those lengths and this specific hash (this would generate 9267412500000 passwords to try, 100 Tera Bytes of data).

I would highly recommend changing the "mask" which is ?a?a?a?a?a?a?a?a?a?a?a to the pattern of the password if you remember it, for example, if the old password started with two capital letters (A,B,E, or F), then four small, then four numbers, and a symbol the mask would be ?2?2?1?1?1?1?3?3?3?3?4.

You must use this for a specific length though, meaning you first try all the possible length 8 password patterns, then 9 ...

Example command:

hashcat64.exe -a 3 -m 13600 hash2.txt -1 abef -2 ABEF -3 02359 -4 @% ?2?2?1?1?1?1?3?3?3?3?4

You can place all the masks you think are possible in a file with one on each line and pass it to Hashcat to try all of those masks in sequence. Put the most likely masks in the first lines for Hashcat to try them first.

Example masks file structure:

?2?2?1?1?1?1?3?3?3?4
?2?2?1?1?1?1?3?3?3?3?4
?2?2?1?1?1?1?1?3?3?3?3
?2?2?1?1?1?3?3?3?3?3?4
...

Hashcat command:

hashcat64.exe -a 3 -m 13600 hash2.txt -1 abef -2 ABEF -3 02359 -4 @% masks_file_name

I hope this helps.

Khalid
  • 140
  • 6