Last active
August 18, 2019 11:13
-
-
Save meme-lord/e3b00b268907028d93df9374071279ef to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Simple Script that identifies which hashcat mode a pkzip2 hash is | |
| # zip2john.c: https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/src/zip2john.c | |
| # Hashcat PKZIP support: https://github.com/hashcat/hashcat/pull/1962 | |
| from sys import argv | |
| def get_mode(hash): | |
| kek = hash.split('$pkzip2$')[1].split('*$/pkzip2$')[0].split('*') | |
| if kek[0] == '1': # single hash | |
| if kek[-5] == '0': # uncompressed | |
| return 17210 | |
| else: # compressed | |
| return 17200 | |
| else: | |
| compressed = False | |
| uncompressed = False | |
| for i in range(int(kek[0])): | |
| array_part = kek[2+i*7:9+i*7] | |
| if array_part[-5] == '0': | |
| uncompressed = True | |
| else: | |
| compressed = True | |
| if uncompressed: # this is the mixed mode but no mode for multi-file uncompressed | |
| return 17225 | |
| if compressed: | |
| return 17220 | |
| # Idk what the other mode is ( 17230 ) | |
| hashes = {} | |
| for i in argv[1:]: | |
| if '$pkzip2$' in i: | |
| mode = get_mode(i) | |
| if mode not in hashes: | |
| hashes[mode] = [] | |
| hashes[mode].append(i) | |
| else: | |
| with open(i) as f: | |
| for line in f.readlines(): | |
| if '$pkzip2$' in line: | |
| mode = get_mode(line) | |
| if mode not in hashes: | |
| hashes[mode] = [] | |
| hashes[mode].append(line.rstrip()) | |
| for x in hashes: | |
| print(x) | |
| for i in hashes[x]: | |
| print(i) | |
| print() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment