Open In App

Recover password of password protected zip file

Improve
Improve
Like Article
Like
Save
Share
Report

In this article, we will get to know about how to get the password of a zip file. I’m using Linux I went with a quick search and came across fcrackzip. This is a free program that allows for both dictionary and brute force cracking of zip file passwords. It is not difficult to use and offers a wide range of options. 
Let’s make a zip file then we will copy-paste it into Linux after that we will try to break this password by fcrackzip. I created a zip file. This zip file’s password is 12345678.
 

Creating password protected zip

Creating password protected secret.zip

In Terminal type fcrackzip –help this command will open help options for fcrackzip 
 

USAGE: fcrackzip
          [-b|--brute-force]            use brute force algorithm
          [-D|--dictionary]             use a dictionary
          [-B|--benchmark]              execute a small benchmark
          [-c|--charset characterset]   use characters from charset
          [-h|--help]                   show this message
          [--version]                   show the version of this program
          [-V|--validate]               sanity-check the algorithm
          [-v|--verbose]                be more verbose
          [-p|--init-password string]   use string as initial password/file
          [-l|--length min-max]         check password with length min to max
          [-u|--use-unzip]              use unzip to weed out wrong passwords
          [-m|--method num]             use method number "num" (see below
          [-2|--modulo r/m]             only calculate 1/m of the password
          file...                    the zipfiles to crack

There are 2 methods to get the password of the zip file 
 

1. Brute force attack: If you wanted to use a brute force attack from 4-8 characters on “secret.zip” you would use the following command: 

$fcrackzip -v -m -l 4-8 -u secret.zip

To break the command down: 

  • v is for verbose and gives you better output
  • m specifies the mode to use, in this case, zip6
  • l specifies the minimum password length to maximum password length
  • u tells the program to test the password with unzip before declaring it correct

2. Dictionary-based Attack: Using a dictionary-based attack is as easy as brute force attack

Syntax:

$ fcrackzip -v -D -u -p /usr/share/dict/words secret.zip

Here: /usr/share/dict/words is the wordlists and secret.zip is the zipped file that is encrypted.

Example:

fcrackzip -v -D -u -p /usr/share/wordlists/rockyou.txt 16162020_backup.zip

Here the only difference is the -D to specify a dictionary-based attack and -p which is used to specify the password file. This file should contain one word per line and on Linux systems, there’s a nice dictionary included in /usr/share/dict/words or you can use any other password dictionaries. 

 

 


Last Updated : 31 Oct, 2022
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads