search

openwall / johnny

GUI frontend to John the Ripper password cracker
https://openwall.info/wiki/john/johnny
Other
537 stars 128 forks source link

DMG file password recovery #130

Closed prenost closed 9 months ago

prenost commented 9 months ago

Hello I am not sure if this is the place to do this but I have no other option and do not know what else to do. So I am sorry if this is wrong place. I have installed Johnny as I could not figure out to do normal John the ripper and the GUI seemed easier, but now when I try to use Johnny it tells me that I " Sorry, AVX2 is required for this build". My brother has somehow locked his photos and family information in a DMG file that he has forgot password too, I am trying to help him get access again. I have been trying for days but cannot figure it out. Can someone help please.

solardiz commented 9 months ago

Hi. Certainly not the right place - the error message is from John, not Johnny. Also, not an issue we need to track, so I'll close it. However, my best guess is that you're on macOS and perhaps on Apple Silicon, yet using a build for macOS on Intel. If so, you can get around this AVX2 hurdle by using either a build for Intel that does not require AVX2 such as john-1.8.0.9-jumbo-macosx_sse4.zip found in https://download.openwall.net/pub/projects/john/contrib/macosx/ or by using a native build for ARM such as macOS-ARM_1_JtR.7z found in https://github.com/openwall/john-packages/releases

I hope this helps. If you require any further support, I suggest that you join the john-users mailing list and ask in there.

solardiz commented 9 months ago

I could not figure out to do normal John the ripper

Here are some general instructions for your use case:

1. Download john-1.8.0.9-jumbo-macosx_sse4.zip

2. Extract the downloaded archive.

3. Type this command, with the two paths replaced with actual ones:

/Users/username/where/you/extracted/john-1.8.0.9-jumbo-macosx_sse4/run/dmg2john /path/to/file.dmg > hash.txt

4. If the above produces a non-empty hash.txt, you can run:

/Users/username/where/you/extracted/john-1.8.0.9-jumbo-macosx_sse4/run/john hash.txt

5. This will crack the weakest passwords.  If it keeps running for days,
you may need to:

6. Focus the attack based on what you know/recall about the password.
Usually "mask mode" is helpful here, see doc/MASK.

Besides john-users, your other option is to contact Openwall for paid support or password recovery service. This is typically too expensive for personal files and failure is likely even with such service and this is a distraction from our primary activities, but we do give this last resort option. We'll expect you to manage at least the dmg2john step on your system, so that you do not need to share (and we don't need to download) the entire DMG file.