Recover password of password protected zip file

In this article we will get to know about how to get password of a zip file. I’m using Linux I went with a quick search and came across fcrackzip. This is a free program that allows for both dictionary and brute force cracking of zip file passwords. It is not difficult to use and offers a wide range of options.

  • Let’s make a zip file than we will copy paste it into Linux after that we will try to break this password by fcrackzip. I created a zip file. This zip file’s password is 12345678.
    Creating password protected zip

    Creating password protected secret.zip

  • In Terminal type fcrackzip –help this command will open help options for fcrackzip
    USAGE: fcrackzip
              [-b|--brute-force]            use brute force algorithm
              [-D|--dictionary]             use a dictionary
              [-B|--benchmark]              execute a small benchmark
              [-c|--charset characterset]   use characters from charse
              [-h|--help]                   show this message
              [--version]                   show the version of this program
              [-V|--validate]               sanity-check the algortihm
              [-v|--verbose]                be more verbose
              [-p|--init-password string]   use string as initial password/file
              [-l|--length min-max]         check password with length min to max
              [-u|--use-unzip]              use unzip to weed out wrong passwords
              [-m|--method num]             use method number "num" (see below
              [-2|--modulo r/m]             only calculcate 1/m of the password
              file...                    the zipfiles to crack
    
    

There are 2 methods to get the password of zip file

  • Brute force attack
    If you wanted to use a brute force attack from 4-8 characters on “secret.zip” you would use the following command:



    $fcrackzip -v -m -l 4-8 -u secret.zip

    To break the command down:

    • v is for verbose and gives you better output
    • m specifies the mode to use, in this case zip6
    • l specifies the minimum password length to maximum password length
    • u tells the program to test the password with unzip before declaring it correct

    This will run through all those possibilities and will take some time depending on how long the password is and how many you will be trying. It is much faster to use a dictionary based crack.

  • Dictionary based Attack
    Using dictionary based attack is as easy as brute force attack

    $ fcrackzip -v -D -u -p /usr/share/dict/words secret.zip
    

    Here the only difference is the -D to specify a dictionary based attack and -p which is used to specify the password file. This file should contain one word per line and on Linux systems there’s a nice dictionary included in /usr/share/dict/words or you can use any other password dictionaries.

REFERENCES
http://knoxd3.blogspot.in/2013/10/how-to-use-fcrackzip-in-kali-linux.html
http://oldhome.schmorp.de/marc/fcrackzip.html

This article is contributed by Akash Sharan. If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please write comments if you find anything incorrect, or you want to share more information about the topic discussed above.



My Personal Notes arrow_drop_up


Article Tags :

Be the First to upvote.


Please write to us at contribute@geeksforgeeks.org to report any issue with the above content.