Brute forse exosted on 3-simbol password from pkzip2 Zip file with a picture

[AlexNikMak]

Hi everyone!

I have an issue. I am trying to crack MY .zip file with picture inside with brute force. I obtained hash with zip2john but this humongous hash can't be identified end can't be cracked by hashcat(I edit hash to $pkzip2$.......$/pkzip2$) But if I put instead of picture simple txt file all works. Zip file have same 3-simbol password. (qw1)

1.txt
pic.zip
txt.zip
pic.txt
txt.txt

Expected behavior:
Identify hash from zip2john (regardless of content in zip file) and crack with brute force (or at list start)

My software is:
OS: Windows10 Home
Version: 22H2
Heshcat: 6.2.6
GPU: 551.61
MY hardware is:
Ryzen 9 5900x
Nvidia RTX3070
Nvidia Quadro M2000
Nvidia Quadro M2000

[AlexNikMak]

I would be very grateful for any help or explanation what i did wrong.

[cxx-coder]

@AlexNikMak

Greetings.
Hashcat is working correctly. In your case the picture is in a zip archive without compression. The file size is 700+ kilobytes, while module 17210 (pkzip uncompressed) supports data up to 320 kilobytes.

hashcat/src/modules/module_17210.c

Line 112 in fafb277

#define MAX_DATA (320 * 1024)

[MrX0r]

Greetings. Hashcat is working correctly. In your case the picture is in a zip archive without compression. The file size is 700+ kilobytes, while module 17210 (pkzip uncompressed) supports data up to 320 kilobytes.

@cxx-coder
Can you change the limit so that it can also handle large file hash values by removing the limit of 320kb?