Download All File Extensions
curl -s https://fileinfo.com/filetypes/compressed | html2text | awk '{print tolower($1)}' | grep "\." | tee -a compressed_ext.txt
with tar, the tool openssl or gpg is used to encrypt the archives.
Cracking Archives
Cracking ZIP
Using zip2john
zip2john ZIP.zip > zip.hash
Viewing the Contents of zip.hash
cat zip.hash
Cracking the Hash with John
john --wordlist=rockyou.txt zip.hash
Cracking OpenSSL Encrypted Archives
file GZIP.gzip
GZIP.gzip: openssl enc'd data with salted password
Therefore, the safest choice for success is to use the openssl tool in a for-loop that tries to extract the files from the archive directly if the password is guessed correctly.
Using a for-loop to Display Extracted Contents
for i in $(cat rockyou.txt);do openssl enc -aes-256-cbc -d -in GZIP.gzip -k "$i" 2>/dev/null| tar xz;done
Look in the current folder for the cracked files.
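Before any recovery attempt, it helps to confirm which protection a file actually declares, as `file` did for GZIP.gzip above. The following is an added example (not part of the original notes) that reads the `Salted__` header written by `openssl enc` and the per-entry encryption flag and method in a ZIP central directory; `classify` and `constructed_zip` are names chosen here, and all sample inputs are constructed.

```python
import io
import struct
import zipfile

OPENSSL_MAGIC = b"Salted__"   # 8-byte header `openssl enc` writes before the 8-byte salt
WINZIP_AES = 99               # ZIP compression-method value that marks WinZip AES entries

def classify(data: bytes) -> dict:
    """Report which password protection, if any, a blob's container format declares."""
    if len(data) >= 16 and data[:8] == OPENSSL_MAGIC:
        return {"type": "openssl-enc", "salt": data[8:16].hex()}
    if zipfile.is_zipfile(io.BytesIO(data)):
        entries = {}
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if not info.flag_bits & 0x1:           # bit 0 set = entry is encrypted
                    entries[info.filename] = "none"
                elif info.compress_type == WINZIP_AES:
                    entries[info.filename] = "winzip-aes"
                else:
                    entries[info.filename] = "zipcrypto"
        return {"type": "zip", "entries": entries}
    return {"type": "unknown"}

def constructed_zip(encrypted: bool, method: int = 0) -> bytes:
    """Constructed sample: a one-entry ZIP whose central-directory flag and method
    fields are patched. The payload itself is not encrypted, only the metadata."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.txt", "constructed sample")
    raw = bytearray(buf.getvalue())
    cd = raw.rfind(b"PK\x01\x02")                      # central directory file header
    flags = struct.unpack_from("<H", raw, cd + 8)[0]   # general-purpose bit flag
    struct.pack_into("<H", raw, cd + 8, flags | 0x1 if encrypted else flags)
    struct.pack_into("<H", raw, cd + 10, method)       # compression method field
    return bytes(raw)

if __name__ == "__main__":
    samples = {
        "openssl blob": OPENSSL_MAGIC + bytes(range(8)) + b"\x00" * 16,
        "plain zip": constructed_zip(False),
        "legacy-encrypted zip": constructed_zip(True),
        "aes zip": constructed_zip(True, WINZIP_AES),
        "other": b"plain text, not an archive at all",
    }
    for name, blob in samples.items():
        print(f"{name:22} {classify(blob)}")
```

Entries reported as `zipcrypto` use the legacy ZIP cipher, so archives holding sensitive data are better re-created with AES and a long passphrase.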
Cracking BitLocker Encrypted Drives
BitLocker is an encryption program for entire partitions and external drives.
It has been available since Windows Vista and uses the AES encryption algorithm with a 128-bit or 256-bit key length.
If the password or PIN for BitLocker is forgotten, we can use the recovery key to decrypt the partition or drive.
The recovery key is a 48-digit string of numbers generated during BitLocker setup that can also be brute-forced.
bitlocker2john
Four different hashes will be extracted, which can be used with different Hashcat hash modes. For our example, we will work with the first one, which refers to the BitLocker password.
Using bitlocker2john
bitlocker2john -i Backup.vhd > backup.hashes
grep "bitlocker\$0" backup.hashes > backup.hash
cat backup.hash
The Hashcat mode for cracking BitLocker hashes is -m 22100
Using hashcat to Crack backup.hash
hashcat -m 22100 backup.hash /opt/useful/seclists/Passwords/Leaked-Databases/rockyou.txt -o backup.cracked
Viewing the Cracked Hash
cat backup.cracked
The easiest way to mount a BitLocker encrypted virtual drive is to transfer it to a Windows system and mount it.