Starting with FCrackZip
Disclaimer: this tutorial is only for educational purpose and shows how to use FCrackZip for recovering your personal .zip password protected archives. Any abuse could be prosecuted by the laws of the country where you live and is not under my own responsability.
Using this tool is quite easy, but it requires some practice and attention, expecially if you don't know deeply its functionalities.Just to do a practical example, I've created a .zip archive containing a simple text file and I've protected it setting a quite simple password, so we can work quickly.
The password is really short, but follows the other rules of complex passwords: Ale1
As you can see, there are upper and lower case letters and numeric digits.
This cool piece of software can be set for doing a brute-force attack or using a dictionary.
The first method, anyway, is not the most practical, as it often creates a very long list of possible passwords without arriving to a definitive solution (after having checked various combinations: this can be seen for complex passwords and the screen output will be "checking pw: password"):
Code:
:$ fcrackzip -bv ./file.zip
One way to limit the number of attempts is to use a charset and some kind of "mask" (it's actually a starting point):
Code:
:$ fcrackzip -bvc Aa1 -p Aaa1 ./file.zip
In this way you tell to the program to use uppercase and lowercase letters and numeric digits, starting from a password with an uppercase letter, two lowercase letters and one digit.
With more complex passwords, the program usually works for a very long while, but when it finds something that could be similar to the real password its output (note that I've used the -v switch) becomes:
[b]possible pw found: Aaa1 ()[/b]Normally this generates a really long list of possible passwords and it would become impossible to try them all, so it becomes necessary to make the process automatically, saving the resulting possible passwords in a file that you will use later as a dictionary, with the other operational mode of fcrackzip!
For making it easy, I've used a three linux commands pipe.
These commands are in sequence fcrackzip - grep - sed
These three commands perform the following tasks (note that this example is adapted to our very simple password!):
- fscrackzip finds the possible passwords and, with the -v switch, generate a screen output
- grep, within the use of REGEXP searches the possible password inside the fcrackzip output and, with the -o switch, prints out only the string matching the regex pattern
- sed trims out all the starting and ending space characters of the grep's output
The result of this pipe is finally saved in the file named temp_dictionary.txt
Code:
:$ fcrackzip -bvc Aa1 -p Aaa1 ./file.zip | grep -o ' [a-zA-Z0-9]\{4\} ' | sed s/'\ '/''/g ./tmp_dictionary.txt
To finally find the correct password, fcrackzip is then executed again using its dictionary mode with the following syntax:
Code:
:$ fcrackzip -Dp ./tmp_dictionary.txt -uv ./file.zip
- -D e -p tell fcrackzip to use as starting password the strings contained in the dictionary text file (for each line a word).
- -u tells it to use unzip to remove the false positives.
In this way, after a very short while (always referring to our example), fcrackzip will find the correct password!
0 comments
No comments available: add yours!
Login or register to add a comment (registered users only)
