Cracking Rick Astley: Nev1r-G0nna-G2ve-Y8u-Up-N5v1r-G1nna-Let-Y4u-D1wn-N8v4r-G5nna-D0sert-You


There was a fun tweet by Arseniy Sharoglazov outlining a possible backdoor in ZIP files.

But there is an easy explanation for this: the 7zip app basically just hashes the password when it is over 40 characters. For this, it uses the SHA-1 (160-bit) hash to perform the conversion, and then just converts the byte values to ASCII characters. So it is not a backdoor, but just another way to represent the password. For the tweet, the input used is:

Nev1r-G0nna-G2ve-Y8u-Up-N5v1r-G1nna-Let-Y4u-D1wn-N8v4r-G5nna-D0sert-You

and the output is:

pkH8a0AqNbHcdw8GrmSp

Here is the Python code to implement this:

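    from cryptography.hazmat.primitives import hashes
    import binascii
    from cryptography.hazmat.backends import default_backend

    st = "Nev1r-G0nna-G2ve-Y8u-Up-N5v1r-G1nna-Let-Y4u-D1wn-N8v4r-G5nna-D0sert-You"

    try:
        data = st.encode()
        # SHA-1 (160-bit) digest of the long password
        digest = hashes.Hash(hashes.SHA1(), backend=default_backend())
        digest.update(data)
        res = digest.finalize()
        print("Hex:", binascii.hexlify(res).decode())
        # The 20 digest bytes read as ASCII give the alternative password
        print("ASCII:", res.decode("ascii"))
    except Exception as e:
        print(e)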
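
Why the two passwords are interchangeable, shown as an added example that is not code from the original article: HMAC replaces any key longer than the hash block size with its digest (RFC 2104), so a PBKDF2-HMAC-SHA1 derivation sees the same key for both. The key-derivation parameters (PBKDF2, 1000 iterations, 66 bytes of key material), the sample salt and the function names are assumptions for illustration and are not stated in the article.

```python
import hashlib
import hmac

# Password quoted in the article.
LONG_PW = b"Nev1r-G0nna-G2ve-Y8u-Up-N5v1r-G1nna-Let-Y4u-D1wn-N8v4r-G5nna-D0sert-You"

# Assumed WinZip-style AES-256 parameters (not stated in the article).
ITERATIONS = 1000
DKLEN = 66                 # 32-byte AES key + 32-byte HMAC key + 2-byte verifier
SALT = bytes(range(16))    # constructed sample salt


def hmac_effective_key(password: bytes) -> bytes:
    """Return the key HMAC-SHA1 actually uses: a key longer than the
    SHA-1 block size is replaced by its SHA-1 digest (RFC 2104)."""
    if len(password) > hashlib.sha1().block_size:
        return hashlib.sha1(password).digest()
    return password


def derive_key(password: bytes, salt: bytes = SALT) -> bytes:
    """PBKDF2-HMAC-SHA1 key material derived from the password."""
    return hashlib.pbkdf2_hmac("sha1", password, salt, ITERATIONS, DKLEN)


def same_archive_key(pw_a: bytes, pw_b: bytes) -> bool:
    """True when both passwords derive identical key material."""
    return hmac.compare_digest(derive_key(pw_a), derive_key(pw_b))


if __name__ == "__main__":
    alias = hmac_effective_key(LONG_PW)
    print("alias password:", alias.decode("ascii"))
    print("long and alias derive same key:", same_archive_key(LONG_PW, alias))
    # A short password is used as-is, so its SHA-1 digest is not an alias.
    short = b"hunter2"  # constructed sample
    print("short and sha1(short) derive same key:",
          same_archive_key(short, hashlib.sha1(short).digest()))
```

The alias only exists for passwords longer than the block size, and it is as hard to find as the original password without knowing it, which is why this is a second representation rather than a backdoor.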


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice

Professor of Cryptography. Serial innovator. Believer in fairness, justice & freedom. Based in Edinburgh. Old World Breaker. New World Creator. Building trust.