Situatie
I’m using Linux I went with a quick search and came across fcrackzip. This is a free program that allows for both dictionary and brute force cracking of zip file passwords. It is not difficult to use and offers a wide range of options. Let’s make a zip file then we will copy-paste it into Linux after that we will try to break this password by fcrackzip. I created a zip file. This zip file’s password is 12345678.
Solutie
Pasi de urmat
Brute force attack: If you wanted to use a brute force attack from 4-8 characters on “secret.zip” you would use the following command:
$fcrackzip -v -m -l 4-8 -u secret.zip
To break the command down:
- v is for verbose and gives you better output
- m specifies the mode to use, in this case, zip6
- l specifies the minimum password length to maximum password length
- u tells the program to test the password with unzip before declaring it correct
Dictionary-based Attack: Using a dictionary-based attack is as easy as brute force attack
Syntax:
$ fcrackzip -v -D -u -p /usr/share/dict/words secret.zip
Here: /usr/share/dict/words is the wordlists and secret.zip is the zipped file that is encrypted.
Example:
fcrackzip -v -D -u -p /usr/share/wordlists/rockyou.txt 16162020_backup.zip
Here the only difference is the -D to specify a dictionary-based attack and -p which is used to specify the password file. This file should contain one word per line and on Linux systems, there’s a nice dictionary included in /usr/share/dict/words or you can use any other password dictionaries.
Leave A Comment?