Notifications
Clear all

pkcrack problems

8 Posts
5 Users
0 Likes
871 Views
(@yani1shu)
Posts: 12
Active Member
Topic starter
 

I've been trying to crack some encrypted zip files for a while now with absolutely no luck. I've tried using PRTK and pkcrack. I've tried using a plaint-text attack with the pkcrack utility but i get the response after it runs that a password wasn't found and i probably choose the wrong plaintext, however my encrypted and unencrypted files have the same CRC so i don't see why it's not working. Does anyone have any experience with this that would be willing to help me out?

Thanks in advance.

 
Posted : 15/09/2009 3:39 am
(@kovar)
Posts: 805
Prominent Member
 

Greetings,

Are you using these tools on a ZIP file whose password you know? Or are you trying to crack an unknown password? These tools are not guaranteed to crack a password.

If I remember correctly, the plaintext will not work against AES encrypted ZIP files. I don't know if PRTK will give you a warning about this. Passware will warn you.

Have you tried Passware's encryption analyzer tool? It should help you figure out how the file is encrypted, and what attack(s) to use on it.

I also have some vague memories that you need to use the same ZIP application with the same, or similar, settings but if you have matching CRCs that may not apply.

-David

 
Posted : 15/09/2009 5:47 am
(@itagent2000)
Posts: 31
Eminent Member
 

I made good experience with the cracker from elcomsoft (www.elcomsoft.com)

Good luck

Chris

 
Posted : 15/09/2009 12:06 pm
ecophobia
(@ecophobia)
Posts: 127
Estimable Member
 

Winzip version 9 and later utilizes AES-128, AES-192 and AES-256, so the only options left are dictionary and brute force. If you can't get a 'relevant' dictionary, then you will need a decent password cracking software such as elcomsoft (as suggested above), lots of 'good luck', a powerful PC + plenty of time.

 
Posted : 15/09/2009 8:09 pm
(@yani1shu)
Posts: 12
Active Member
Topic starter
 

So i've tried PRTK, Passware, and pkcrack. None of them have worked, albeit i'm only using the demo of passware for right now. But PRTK has been running for a week, it's almost completed all the different levels without cracking the zip. I have a feeling it's a problem with the plaintext file i'm using. Anyone have any advice as to how to ensure i have a good plaintext file. The CRCs match between the encrypted and decrypted files, what else should i be looking for?

 
Posted : 15/09/2009 9:03 pm
(@seanmcl)
Posts: 700
Honorable Member
 

As noted, earlier, if this is AES encrypted, plaintext attacks won't work. You'll need brute force and a lot of time (2^128 for AES-256) or a good deal of luck.

 
Posted : 15/09/2009 9:22 pm
(@yani1shu)
Posts: 12
Active Member
Topic starter
 

i don't believe it is aes encrypted.

 
Posted : 15/09/2009 10:13 pm
(@kovar)
Posts: 805
Prominent Member
 

Greetings,

Did you try the Passware Encryption Analyzer to be certain it is not AES encrypted?

If you want to send me a copy of the file, I'll take a look at it for you.

-David

 
Posted : 15/09/2009 10:27 pm
Share: