{"id":1501,"date":"2024-07-20T15:18:08","date_gmt":"2024-07-20T13:18:08","guid":{"rendered":"https:\/\/cln.io\/blog\/?p=1501"},"modified":"2024-10-12T19:39:32","modified_gmt":"2024-10-12T17:39:32","slug":"writeup-on-how-to-crack-a-7z-password","status":"publish","type":"post","link":"https:\/\/cln.io\/blog\/writeup-on-how-to-crack-a-7z-password\/","title":{"rendered":"WriteUp on how to crack a 7z password"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Just my brain dump, for future use on how to crack a 7z password (as a CTF challenge of course &#x1f609;)<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Required tools<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/philsmd\/7z2hashcat\">https:\/\/github.com\/philsmd\/7z2hashcat<\/a> (to extract the hash from the .7z)<\/li>\n\n\n\n<li><a href=\"https:\/\/hashcat.net\/hashcat\/\">https:\/\/hashcat.net\/hashcat\/<\/a> (hashcat binaries)<\/li>\n\n\n\n<li><a href=\"https:\/\/developer.nvidia.com\/cuda-downloads\">https:\/\/developer.nvidia.com\/cuda-downloads<\/a> (CUDA software)<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Word lists<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">I&#8217;ve had success with these any\/or<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/labs.nettitude.com\/blog\/rocktastic\/\">https:\/\/labs.nettitude.com\/blog\/rocktastic\/<\/a> Rocktastic12a<\/li>\n\n\n\n<li><a href=\"https:\/\/weakpass.com\/wordlist\/1947\">https:\/\/weakpass.com\/wordlist\/1947<\/a>  weakpass_3<\/li>\n\n\n\n<li><a href=\"https:\/\/weakpass.com\/wordlist\/1927\">https:\/\/weakpass.com\/wordlist\/1927<\/a>  cyclone.hashesorg.hashkiller.combined.txt<\/li>\n\n\n\n<li>realuniq.lst<\/li>\n\n\n\n<li>realhuman_phill.txt<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Rules for hashcat<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/github.com\/samirettali\/password-cracking-rules\/blob\/master\/best64.rule\">https:\/\/github.com\/samirettali\/password-cracking-rules\/blob\/master\/best64.rule<\/a> <\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Preparation<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Get all the tools installed<\/li>\n\n\n\n<li>Delete all OpenCL.dll, OpenCL32.dll, OpenCL64.dll files from system (hashcat kept picking OpenCL instead of CUDA in my case) <a href=\"https:\/\/hashcat.net\/wiki\/doku.php?id=frequently_asked_questions#i_may_have_the_wrong_driver_installed_what_should_i_do\" target=\"_blank\" rel=\"noreferrer noopener\">as per this post<\/a><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Extract the hash to crack<\/h2>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">.\\7z2hashcat64-1.9.exe mysession.7z<\/pre>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"511\" src=\"https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image-1024x511.png\" alt=\"\" class=\"wp-image-1502\" srcset=\"https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image-1024x511.png 1024w, https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image-300x150.png 300w, https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image-768x383.png 768w, https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image.png 1103w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Save this hash to a file named myhash.txt<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Lets launch hashcat on this hash <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">NOTE: <a href=\"https:\/\/trustedsec.com\/blog\/better-hacking-through-cracking-know-your-rules\" target=\"_blank\" rel=\"noreferrer noopener\">use rules <\/a><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">.\\hashcat.exe --hash-type 11600 myhash.txt --attack-mode 0 --outfile 4080super_try.txt --keep-guessing .\\cyclone.hashesorg.hashkiller.combined.txt\n.\\hashcat.exe --hash-type 11600 new_try.txt --attack-mode 0 --outfile 4080super_try.txt --rules-file best64.rule --keep-guessing .\\Rocktastic12a\n\n.\\cyclone.hashesorg.hashkiller.combined.txt is too heavy for rules \n\n.\\hashcat.exe --hash-type 11600 new_try.txt --attack-mode 0 --outfile 4080super_try.txt --keep-guessing -.\\cyclone.hashesorg.hashkiller.combined.txt\n.\\hashcat.exe --hash-type 11600 new_try.txt --attack-mode 0 --outfile 4080super_try.txt --rules-file best64.rule --keep-guessing .\\realhuman_phill.txt<\/pre>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"770\" src=\"https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image-1-1024x770.png\" alt=\"\" class=\"wp-image-1506\" srcset=\"https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image-1-1024x770.png 1024w, https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image-1-300x226.png 300w, https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image-1-768x578.png 768w, https:\/\/cln.io\/blog\/wp-content\/uploads\/2024\/06\/image-1.png 1337w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Just my brain dump, for future use on how to crack a 7z password (as a CTF challenge of course &#x1f609;) Required tools Word lists I&#8217;ve had success with these any\/or Rules for hashcat Preparation [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1502,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[48],"tags":[],"class_list":["post-1501","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/posts\/1501","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/comments?post=1501"}],"version-history":[{"count":9,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/posts\/1501\/revisions"}],"predecessor-version":[{"id":1512,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/posts\/1501\/revisions\/1512"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/media\/1502"}],"wp:attachment":[{"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/media?parent=1501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/categories?post=1501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cln.io\/blog\/wp-json\/wp\/v2\/tags?post=1501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}