Username: 
Password: 
Restrict session to IP 

I need Help with a ZIP encrypted

1 2
Global Rank: 73
Totalscore: 213052
Posts: 148
Thanks: 206
UpVotes: 108
Registered: 16y 280d
Kender`s Avatar



Last Seen: 2y 251d
The User is Offline
I need Help with a ZIP encrypted
Google/translate1Thank You!1Good Post!0Bad Post! link
Quote from HaDeS

The server was formated a few weeks ago, and the data is irrecoverable Sad

Thank you very much Z and Kender for the reply. With that analysis I'm sure that the file is encrypted with AES 256.

Well, you only have a few options left.
1. talk to anyone who used that server and ask them if they ever encrypted zip files, and if yes with which password.
2. find a password cracker for winzip AES 256 encrypted files, run a wordlist and a bruteforce. If the pass is less than 12 characters you should be able to crack it within a year or so.
Global Rank: 29990
Totalscore: 0
Posts: 265
Thanks: 243
UpVotes: 180
Registered: 24y 363d
Last Seen: 1s
The User is Online
I need Help with a ZIP encrypted
Google/translate1Thank You!0Good Post!1Bad Post! link
Quote from Kender


2. find a password cracker for winzip AES 256 encrypted files, run a wordlist and a bruteforce. If the pass is less than 12 characters you should be able to crack it within a year or so.



This one was good.You made him not to loose his confidence.xD
Global Rank: 56
Totalscore: 251132
Posts: 58
Thanks: 69
UpVotes: 59
Registered: 16y 176d
hds`s Avatar






The User is Offline
I need Help with a ZIP encrypted
Google/translate1Thank You!1Good Post!0Bad Post! link
I already try the option of bruteforce and dictionary attack, like I described in the first post
Quote from HaDeS

After all that, I started a brute-force attack and a dictionary one (The dictionary had over 20 million words and some that I always use for passwords)... these two approaches failed though.
That attack was performed with Elcomsoft Advanced Archive Password Recovery.


I will contact the people who mantained the server.
Greets, and thanks again for the reply
Global Rank: 54
Totalscore: 255350
Posts: 156
Thanks: 132
UpVotes: 163
Registered: 16y 279d





Last Seen: 13d 6h
The User is Offline
I need Help with a ZIP encrypted
Google/translate1Thank You!0Good Post!1Bad Post! link
Quote from HaDeS

I sent a message to TheHiveMind, and he replied me that "try to check whether there are any 0x0a bytes in the file that are no t directly preceded by a 0x0d byte" to find if I used binary mode or text mode, and I found some 0a 0d bytes and others 0a 0x bytes.
At the moment, I think that isn't a error of transmision.

I have a strong feeling that the file was not corrupted during transmission too. Because most of the time when it's broken Winzip will say that the file is corrupt due to CRC check errors. Probably someone set the password on it.
Also, do you have a copy of any file inside the zip archive? If so, it is possible to recover the password using a famous known plaintext attack ;)
Global Rank: 56
Totalscore: 251132
Posts: 58
Thanks: 69
UpVotes: 59
Registered: 16y 176d
hds`s Avatar






The User is Offline
I need Help with a ZIP encrypted
Google/translate1Thank You!1Good Post!0Bad Post! link
I quangntenemy, I have a lot of archives inside the .ZIP, I checked the file size and the files that I have are equals, but when I use the PKcrack software to do the plain-text attack, it finished saying that the plain text is wrong. I tried too with the Elcomsoft software and it shows me a message that says "Plain-text attack isn't aplicable for this file"
I think is 'cause the plain-text attack is not supported for zip files encrypted with AES.
Anyway thanks for the reply Smile
1 2
tunelko, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 14456 times.