This tutorial demonstrates how to crack passwords on encrypted ZIP files. The application used for this example is fcrackzip.
Software
A ZIP password cracker is software that can be used to crack ZIP file passwords. Unlike the previously mentioned techniques, which are free and can be applied without software, a ZIP password cracker is a ZIP password recovery tool that is downloaded and purchased.
Crack ZIP File Password Using CMD
CMD is short for Microsoft Windows command. To crack a ZIP file password, however, you will need to download a command-line tool. This command-line tool is known as John the Ripper, and it is a free cracking tool available for basically all operating systems.
- fcrackzip
Install fcrackzip
- Included in Kali Linux
- If not currently installed on your distro:
- $ sudo apt-get update
- $ sudo apt-get install fcrackzip
Using fcrackzip
For this example, we will use a dictionary attack to crack a ZIP password. Start by creating a text file and storing it in an encrypted ZIP file.
- $ cat > file.txt
- This is a sample file. (Press enter)
- Ctrl + C
- $ cat file.txt
- $ zip --encrypt sample.zip file.txt
- Enter the password twice when prompted
To view the options for fcrackzip, use the following command (see also the fcrackzip man page):
- $ fcrackzip --help
Use the rockyou.txt word list that ships with Kali by default. sudo is required to copy this file.
- $ sudo cp /usr/share/wordlists/rockyou.txt.gz rockyou.txt.gz
- $ sudo gzip -d rockyou.txt.gz
Use fcrackzip and rockyou.txt to crack the password on the ZIP file. Adjust the paths for your environment.
- $ fcrackzip -v -u -D -p /home/pentaroot/rockyou.txt /home/pentaroot/sample.zip
- -u (--use-unzip); tests each candidate password with unzip, which weeds out false positives
- -D (--dictionary); selects dictionary mode
- -p (--init-password string); in dictionary mode, names the word list file (here rockyou.txt)
- -v (--verbose); not required
fcrackzip found the password ‘starwars’. If this did not work for your password, you can try the additional word lists found on Kali or download others online.
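A defender's counterpart to the exercise above, as an added example that is not part of the original tutorial: Info-ZIP's `zip --encrypt` writes the legacy ZipCrypto scheme, and this Python script reads each entry's header fields to report which archives still rely on it rather than AES. The function names and the patched in-memory sample archive are assumptions made for the example.

```python
import io
import struct
import zipfile

ENCRYPTED = 0x0001   # general-purpose flag bit 0: entry is encrypted
STRONG = 0x0040      # general-purpose flag bit 6: PKWARE strong encryption
AES_METHOD = 99      # compression method 99: WinZip AES (AE-x) entry


def classify(info):
    """Return the protection scheme recorded for one archive entry."""
    if not info.flag_bits & ENCRYPTED:
        return "none"
    if info.compress_type == AES_METHOD:
        return "aes"
    if info.flag_bits & STRONG:
        return "pkware-strong"
    return "zipcrypto"   # legacy scheme, what `zip --encrypt` writes


def audit(source):
    """Map each entry name in a ZIP (path or file object) to its scheme."""
    with zipfile.ZipFile(source) as zf:
        return {i.filename: classify(i) for i in zf.infolist()}


def constructed_sample(flags, method):
    """Constructed test input (hypothetical helper): a one-entry ZIP whose
    central-directory flag and method fields are patched to mimic a
    protected entry. The file data itself is not encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(zipfile.ZipInfo("file.txt"), "This is a sample file.\n")
    raw = bytearray(buf.getvalue())
    cd = raw.rfind(b"PK\x01\x02")   # central directory file header
    # Flags sit at offset 8 and the compression method at offset 10.
    struct.pack_into("<HH", raw, cd + 8, flags, method)
    return io.BytesIO(bytes(raw))


if __name__ == "__main__":
    for label, flags, method in [("plain", 0, 0), ("legacy", 1, 0), ("aes", 1, 99)]:
        print(label, audit(constructed_sample(flags, method)))
```

Pass `audit()` the path of a real archive, such as the sample.zip created above, to check it the same way.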
On Your Own
Crack Protected Zip File
A dictionary attack is not the only way to use fcrackzip to crack ZIP passwords. Brute forcing is another option that is worth a try. Start with an easy password for a dictionary attack and then move on to a brute force attack with a stronger password. As mentioned previously, refer to the fcrackzip man page for additional options.