- PASSWORD FOR ZIP MAC ARCHIVE
- PASSWORD FOR ZIP MAC FULL
- PASSWORD FOR ZIP MAC PLUS
- PASSWORD FOR ZIP MAC MAC
The same machine was only able to achieve ~28 million hashes per second when running on all 8 cores.
PASSWORD FOR ZIP MAC MAC
I've tested this on several Macs and performance was very promising.įor example, on a 2013 Mac Pro, the program had a throughput of ~1.7B hashes per second (running concurrently on both GPUs). Real-world performance seems to be at least 1-2 orders of magnitude faster than what you can expect with a nice Intel CPU. It is set up to simultaneously utilize all available GPUs on a given system, but you can pick a single GPU from the command line if you wish. The program uses a Metal-API based compute shader to bruteforce the password.
PASSWORD FOR ZIP MAC PLUS
How many known bytes of header do we need? Since we already have one known plaintext byte from the ZIP encryption header, I'd say the minimum is probably 2-3 bytes.Īt 2 known header bytes plus the extra known byte, the GPU would trigger a false-positive roughly once every 2^24 attempts (about 16M), which would actually be pretty frequent and might significantly reduce performance. It should be very easy to add additional file formats by setting up a table that uses the extension of the file within the ZIP archive, and having some hardcoded plaintext header bytes for each file format.
PASSWORD FOR ZIP MAC ARCHIVE
Note: The current version only supports decrypting 'stored' ZIP archives within ZIP archives (meaning a ZIP archive stored - not compressed - within another ZIP archive).
PASSWORD FOR ZIP MAC FULL
If that test passes, the GPU returns the index of the password that generated it, and we do an actual full decryption to verify the password is correct (because in some cases we will run trillions of tests, this might actually happen numerous times during a lenghty run).Now we have a total of 5 decrypted bytes we can compare against known plaintext bytes.Decrypt the first 4 bytes of the encrypted files.Either way, it is available to us as a quick way to rule out most passwords. That 12th byte is either a byte from the file's CRC or from the file's modified date. Decrypt the 11 salt bytes traditional ZIP encryption uses to ensure randomness, plus the 12th byte which is used as a quick password check.Hash that password into a 96-bit decryption key.Generate a password based on the current iterator value and a given characterset (uppercase, lowercase, symbols, etc.).This means that for each bruteforcing iteration we need to do the following: So we effectively have 4 bytes of plaintext at the very beginning of the encrypted stream. Luckily, since in this case the encrypted file is in itself another ZIP archive, we know the 4-byte file header. In such a scenario, bruteforcing is going to be very expensive since each password permutation will require millions of operations. For bruteforcing, you would normally have to decrypt the entire file in order to actually confirm that you have the correct password. In my recent Metal API studies, I was curious to see if the GPU could offer a meaningful performance advantage if one wanted to simply bruteforce the password of such an archive. This program does not support such archives. NOTE: Modern ZIP archives are encrypted using a stronger, AES-based encryption cipher (which is not supported by this program) that utilizes proper password hashing based on PBKDF2, and will therefore be significantly slower to brute-force. This was a fairly primitive, 96-bit encryption scheme that has been broken in a number of different ways, though most of these techniques seem to require at least 12-14 bytes of known plaintext (which seems difficult to get with these ZIP archives I stored inside the encrypted ZIP archive). These ZIP archives were stored using the original ZIP encryption method, often referred to as the 'traditional PKWARE encryption'. Unsurprisingly, after over 15 years many of the passwords to those archives are now long forgotten, and so cracking them somehow became interesting. If you wanted to hide filenames, folder names, etc., you had to first put everything into one ZIP archive, then store that single archive into another, encrypted ZIP file. The problem was that ZIP archives don't actually encrypt their directory, so the metadata was stored in plaintext. Years ago, when I wanted to store files with a reasonable amount of security/privacy, I would use encrypted ZIP archives to store files. A fast GPU-based password brute-forcing tool for ZIP archives (for macOS)
0 kommentar(er)
