Today we’re going to crack a password protected zip files using Kali Linux Hacking tools. It doesn’t matter if you have Kali Linux, but you can still crack zip files using Ubuntu distro or any other Linux distro.
However, if we talk about Kali Linux it has a built-in tool called: fcrackzip but you can still use any other softwares available online for cracking zip files.
Let’s get started!
Crack a Password Protected Zip Files using fcrackzip
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
root@TheHackerToday:~# fcrackzip --help fcrackzip version 1.0, a fast/free zip password cracker written by Marc Lehmann <pcg@goof.com> You can find more info on http://www.goof.com/pcg/marc/ USAGE: fcrackzip [-b|--brute-force] use brute force algorithm [-D|--dictionary] use a dictionary [-B|--benchmark] execute a small benchmark [-c|--charset characterset] use characters from charset [-h|--help] show this message [--version] show the version of this program [-V|--validate] sanity-check the algortihm [-v|--verbose] be more verbose [-p|--init-password string] use string as initial password/file [-l|--length min-max] check password with length min to max [-u|--use-unzip] use unzip to weed out wrong passwords [-m|--method num] use method number "num" (see below) [-2|--modulo r/m] only calculcate 1/m of the password file... the zipfiles to crack methods compiled in (* = default): 0: cpmask 1: zip1 *2: zip2, USE_MULT_TAB |
Okay, Now we know how to use fcrackzip but where we can find dictionary’s for dictionary attack.
Kali Linux has many word-list’s
|
1 |
root@TheHackerToday:~# locate wordlists |
The most useful and which i use every-time.
|
1 2 |
root@TheHackerToday:~# locate rockyou.txt /usr/share/wordlists/rockyou.txt |
So, we’re going to use rockyou.txt dictionary for dictionary attack. If you’re unable to find your password from that dictionary you can use these.
Large Password Lists: Password Cracking Dictionary’s Download For Free
Let’s get started!
Crack a Password Protected Zip File using Dictionary Attack
|
1 2 |
root@TheHackerToday:~/Desktop# fcrackzip -u -D -p /usr/share/wordlists/rockyou.txt fsociety.zip PASSWORD FOUND!!!!: pw == justdoit |
As you can see we found our zip password through dictonary attack. But it’s your call which settings you prefer or do this.
|
1 |
root@TheHackerToday:~# fcrackzip --help |
