Recover password of password protected zip file

In this article, we will get to know about how to get the password of a zip file. I’m using Linux I went with a quick search and came across fcrackzip. This is a free program that allows for both dictionary and brute force cracking of zip file passwords. It is not difficult to use and offers a wide range of options. 
Let’s make a zip file then we will copy-paste it into Linux after that we will try to break this password by fcrackzip. I created a zip file. This zip file’s password is 12345678.

Creating password protected zip

Creating password protected

In Terminal type fcrackzip –help this command will open help options for fcrackzip 

USAGE: fcrackzip
          [-b|--brute-force]            use brute force algorithm
          [-D|--dictionary]             use a dictionary
          [-B|--benchmark]              execute a small benchmark
          [-c|--charset characterset]   use characters from charse
          [-h|--help]                   show this message
          [--version]                   show the version of this program
          [-V|--validate]               sanity-check the algortihm
          [-v|--verbose]                be more verbose
          [-p|--init-password string]   use string as initial password/file
          [-l|--length min-max]         check password with length min to max
          [-u|--use-unzip]              use unzip to weed out wrong passwords
          [-m|--method num]             use method number "num" (see below
          [-2|--modulo r/m]             only calculcate 1/m of the password
          file...                    the zipfiles to crack

There are 2 methods to get the password of the zip file 

1. Brute force attack: If you wanted to use a brute force attack from 4-8 characters on “” you would use the following command: 

$fcrackzip -v -m -l 4-8 -u

To break the command down: 

  • v is for verbose and gives you better output
  • m specifies the mode to use, in this case, zip6
  • l specifies the minimum password length to maximum password length
  • u tells the program to test the password with unzip before declaring it correct

2. Dictionary-based Attack: Using a dictionary-based attack is as easy as brute force attack


$ fcrackzip -v -D -u -p /usr/share/dict/words

Here: /usr/share/dict/words is the wordlists and is the zipped file that is encrypted.


fcrackzip -v -D -u -p /usr/share/wordlists/rockyou.txt

Here the only difference is the -D to specify a dictionary-based attack and -p which is used to specify the password file. This file should contain one word per line and on Linux systems, there’s a nice dictionary included in /usr/share/dict/words or you can use any other password dictionaries. 

This article is contributed by Akash Sharan. If you like GeeksforGeeks and would like to contribute, you can also write an article using or mail your article to See your article appearing on the GeeksforGeeks main page and help other Geeks. 

Please write comments if you find anything incorrect, or you want to share more information about the topic discussed above.

My Personal Notes arrow_drop_up

Improved By : manav014

Article Tags :


Please write to us at to report any issue with the above content.