Recovered a 7z password with hashcat, but it's not the right one

Asked Aug 26 '20 at 13:33

Active Aug 26 '20 at 13:33

Viewed 1,792 times

I am trying to recover a 7z file, but have forgotten the password. It's completely AES-256 encrypted (i.e. not even the filenames are available).

Steps:

Generated hash file with 7z2hashcat.pl
Ran a mask attack using hashcat -a 3 -m 11600 my.hash masks\rockyou-7-2592000.hcmask
After ~55 hours, hashcat completed with status cracked
The password identified in the hashcat.potfile is rejected by 7-zip

I found a discussion on hash collisions with old Office files here: https://security.stackexchange.com/a/211924

Is 7zip similarly vulnerable to hash collisions?

I would just try the steps in the linked post and see if I could generate more passwords, but given it could tie up my GPU for weeks, I'd appreciate any thoughts!

asked Aug 26 '20 at 13:33

Ben Owen

And, the version of 7-Zip? – kelalaka Aug 26 '20 at 14:08
Unknown, the file was created in 2016, so not a recent version – Ben Owen Aug 26 '20 at 14:29
1

I suggest you try the *hashcat forum* at: *https://hashcat.net/forum/* – user10216038 Aug 26 '20 at 17:23
1

Ironically, I didn't manage to sign up to the forum earlier because I couldn't answer the CAPTCHA! (the current stable version is 6.1.1, right?) – Ben Owen Aug 27 '20 at 18:41
Eventually managed to sign up, the CAPTCHA question is quite a few versions out of date! – Ben Owen Aug 28 '20 at 08:18
2

(Thanks for the report! I forwarded this to the hashcat team, and they say that the CAPTCHA has been fixed) – Royce Williams Aug 30 '20 at 02:19
Is the password in the potifile maybe saved in Hex Format and not as a normal string? – UndercoverDog Sep 13 '22 at 15:41

Recovered a 7z password with hashcat, but it's not the right one

0 Answers0