How to Crack a Password Protected Zip Files using Kali Linux

Today we’re going to crack a password protected zip files using Kali Linux Hacking tools. It doesn’t matter if you have Kali Linux, but you can still crack zip files using Ubuntu distro or any other Linux distro.

However, if we talk about Kali Linux it has a built-in tool called: fcrackzip but you can still use any other softwares available online for cracking zip files.
Let’s get started!

Crack a Password Protected Zip Files using fcrackzip

root@TheHackerToday:~# fcrackzip --help

fcrackzip version 1.0, a fast/free zip password cracker
written by Marc Lehmann <pcg@goof.com> You can find more info on
http://www.goof.com/pcg/marc/

USAGE: fcrackzip
          [-b|--brute-force]            use brute force algorithm
          [-D|--dictionary]             use a dictionary
          [-B|--benchmark]              execute a small benchmark
          [-c|--charset characterset]   use characters from charset
          [-h|--help]                   show this message
          [--version]                   show the version of this program
          [-V|--validate]               sanity-check the algortihm
          [-v|--verbose]                be more verbose
          [-p|--init-password string]   use string as initial password/file
          [-l|--length min-max]         check password with length min to max
          [-u|--use-unzip]              use unzip to weed out wrong passwords
          [-m|--method num]             use method number "num" (see below)
          [-2|--modulo r/m]             only calculcate 1/m of the password
          file...                    the zipfiles to crack

methods compiled in (* = default):

 0: cpmask
 1: zip1
*2: zip2, USE_MULT_TAB

root@TheHackerToday:~# fcrackzip --help

fcrackzip version 1.0, a fast/free zip password cracker

written by Marc Lehmann <pcg@goof.com> You can find more info on

http://www.goof.com/pcg/marc/

USAGE: fcrackzip

[-b|--brute-force] use brute force algorithm

[-D|--dictionary] use a dictionary

[-B|--benchmark] execute a small benchmark

[-c|--charset characterset] use characters from charset

[-h|--help] show this message

[--version] show the version of this program

[-V|--validate] sanity-check the algortihm

[-v|--verbose] be more verbose

[-p|--init-password string] use string as initial password/file

[-l|--length min-max] check password with length min to max

[-u|--use-unzip] use unzip to weed out wrong passwords

[-m|--method num] use method number "num" (see below)

[-2|--modulo r/m] only calculcate 1/m of the password

file... the zipfiles to crack

methods compiled in (* = default):

0: cpmask

1: zip1

*2: zip2, USE_MULT_TAB

Okay, Now we know how to use fcrackzip but where we can find dictionary’s for dictionary attack.

Kali Linux has many word-list’s

root@TheHackerToday:~# locate wordlists

1	root@TheHackerToday:~# locate wordlists

The most useful and which i use every-time.

root@TheHackerToday:~# locate rockyou.txt
/usr/share/wordlists/rockyou.txt

1 2	root@TheHackerToday:~# locate rockyou.txt /usr/share/wordlists/rockyou.txt

So, we’re going to use rockyou.txt dictionary for dictionary attack. If you’re unable to find your password from that dictionary you can use these.

Large Password Lists: Password Cracking Dictionary’s Download For Free

Let’s get started!

Crack a Password Protected Zip File using Dictionary Attack

root@TheHackerToday:~/Desktop# fcrackzip -u -D -p /usr/share/wordlists/rockyou.txt fsociety.zip
PASSWORD FOUND!!!!: pw == justdoit

1 2	root@TheHackerToday:~/Desktop# fcrackzip -u -D -p /usr/share/wordlists/rockyou.txt fsociety.zip PASSWORD FOUND!!!!: pw == justdoit

As you can see we found our zip password through dictonary attack. But it’s your call which settings you prefer or do this.

root@TheHackerToday:~# fcrackzip --help

1	root@TheHackerToday:~# fcrackzip --help