How to Crack a Password Protected Zip Files using Kali Linux

Today we’re going to crack a password protected zip files using Kali Linux Hacking tools. It doesn’t matter if you have Kali Linux, but you can still crack zip files using Ubuntu distro or any other Linux distro.

However, if we talk about Kali Linux it has a built-in tool called: fcrackzip but you can still use any other softwares available online for cracking zip files.
Let’s get started!

Crack a Password Protected Zip Files using fcrackzip

[email protected]:~# fcrackzip --help

fcrackzip version 1.0, a fast/free zip password cracker
written by Marc Lehmann <[email protected]> You can find more info on
http://www.goof.com/pcg/marc/

USAGE: fcrackzip
          [-b|--brute-force]            use brute force algorithm
          [-D|--dictionary]             use a dictionary
          [-B|--benchmark]              execute a small benchmark
          [-c|--charset characterset]   use characters from charset
          [-h|--help]                   show this message
          [--version]                   show the version of this program
          [-V|--validate]               sanity-check the algortihm
          [-v|--verbose]                be more verbose
          [-p|--init-password string]   use string as initial password/file
          [-l|--length min-max]         check password with length min to max
          [-u|--use-unzip]              use unzip to weed out wrong passwords
          [-m|--method num]             use method number "num" (see below)
          [-2|--modulo r/m]             only calculcate 1/m of the password
          file...                    the zipfiles to crack

methods compiled in (* = default):

 0: cpmask
 1: zip1
*2: zip2, USE_MULT_TAB

Okay, Now we know how to use fcrackzip but where we can find dictionary’s for dictionary attack.

Kali Linux has many word-list’s

[email protected]:~# locate wordlists

The most useful and which i use every-time.

[email protected]:~# locate rockyou.txt
/usr/share/wordlists/rockyou.txt

So, we’re going to use rockyou.txt dictionary for dictionary attack. If you’re unable to find your password from that dictionary you can use these.

Large Password Lists: Password Cracking Dictionary’s Download For Free

Let’s get started!

Crack a Password Protected Zip File using Dictionary Attack

[email protected]:~/Desktop# fcrackzip -u -D -p /usr/share/wordlists/rockyou.txt fsociety.zip
PASSWORD FOUND!!!!: pw == justdoit

As you can see we found our zip password through dictonary attack. But it’s your call which settings you prefer or do this.

[email protected]:~# fcrackzip --help