Once the archive is extracted, you typically find a nested file (e.g., flag.txt or a .pcap ). cat flag.txt
Open the file in a hex editor (like HxD or Ghex ). Ensure the header starts with the standard 7z signature: 37 7A BC AF 27 1C 00 03
Crack the hash using a wordlist: john --wordlist=rockyou.txt gt_hash.txt