본문 바로가기
조회 수 5534 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print
?

단축키

Prev이전 문서

Next다음 문서

+ - Up Down Comment Print
Cracking password protected zip files with John on OSX

1. install john the ripper
brew install john-jumbo

2. add john path to $PATH
vi ~/.bashrc
------------------8<--------------------
# for john
export PATH=$PATH:/usr/local/share/john
------------------8<--------------------
source ~/.bashrc

2. run john
zip2john Geheim.zip > zip_hash.txt
john zip_hash.txt

ex) 
$ zip2john Geheim.zip > zip_hash.txt
Geheim.zip->Geheim.txt PKZIP Encr: cmplen=57, decmplen=45, crc=CDCEEB7B

$ cat zip_hash.txt 
Geheim.zip:$pkzip$1*1*2*0*39*2d*cdceeb7b*0*28*0*39*cdce*b4e2f486b7ac79336589b0fa5841db48d2d737fecb303e1d54e6f6a69844a14d3996d8ec8698688dbcb32e1d45378e61b2a9be7d1c9f92ce8d*$/pkzip$

$ john zip_hash.txt 
Created directory: /Users/user1/.john
Loaded 1 password hash (PKZIP [32/64])
close            (Geheim.zip) <--------- PASSWORD HERE
guesses: 1  time: 0:00:00:00 DONE (Sat Aug 23 12:18:02 2014)  c/s: 1074K  trying: coc28 - cle57
Use the "--show" option to display all of the cracked passwords reliably

3. unzip with the password above

4. remove john log file
rm ~/.john/john.pot


Title
List of Articles
번호 제목 글쓴이 날짜 조회 수
46 How to install Xplico on Kali Hojung 2014.09.29 6943
45 MITM: Ettercap (automated arp spoof) + Xplico (pcap analyzer) file Hojung 2014.09.29 6779
44 DVWA - Upload and use C99.php Backdoor shell (upload C99.php and activate) file Hojung 2014.10.04 6432
43 DoS (Denial of Service) 공격에 대해 (Ping of Death, Syn Flooding 공격/탐지/대응, Tear Drop, Smurf/Fraggle, LAND Attack) file Hojung 2014.11.02 6029
42 DVWA - Stored XSS (Cross Site Scripting) file Hojung 2014.10.04 5807
» Cracking password protected zip files with John on OSX Hojung 2014.08.23 5534
40 DVWA - Burp Suite, Man-in-the-middle-attack (burp 사용해 cookie를 확보 후 firefox에서 cookie 조작) file Hojung 2014.10.04 5534
39 DVWA - Automated SQL Injection with SqlMap (SQLi에 사용되는 URL 및 Cookie를 가지고 자동으로 injectin) file Hojung 2014.10.04 5510
38 Session Cookie 세부항목에 대해 (secure, Http Only flag) Hojung 2015.01.06 5490
37 DVWA - Using the nikto.pl web vulnerability scanner file Hojung 2014.10.04 5243
36 DNS Spoofing from CLI (ip forwarding + arp spoofing + dns spoofing with ettercap) file Hojung 2014.10.06 5166
35 쉘코드(shell code)란 payload로 사용되는 작은 코드조각 Hojung 2014.12.23 4912
34 DHCP starvation attack by Yersinia file Hojung 2014.09.27 4636
33 brute-force HTTP/S basic access authentication with hydra file Hojung 2015.01.07 4380
32 Install WebGoat 5.3 in Kali file Hojung 2015.02.02 4365
31 Slowloris attack Hojung 2014.08.20 4203
30 DVWA - Upload PHP Backdoor Payload (PHP파일 업로드 후 web을 통해 액세스. 즉, 서버에서 php 실행됨) file Hojung 2014.10.04 4167
29 How To Install Metasploit Framework In MacOSX (homebrew, postgres) Hojung 2014.08.28 4150
28 DVWA - Manual SQL Injection and John the Ripper with sql result file Hojung 2014.10.04 4142
27 DVWA - Using Metasploit with Command Execution (backdoor using nc and access from Metasploit) file Hojung 2014.10.04 3945
Board Pagination ‹ Prev 1 2 ... 3 Next ›
/ 3

Designed by sketchbooks.co.kr / sketchbook5 board skin

나눔글꼴 설치 안내


이 PC에는 나눔글꼴이 설치되어 있지 않습니다.

이 사이트를 나눔글꼴로 보기 위해서는
나눔글꼴을 설치해야 합니다.

설치 취소

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5

Sketchbook5, 스케치북5