Find us on Google+ Bypass The Security

Chitika

clicksor

Sunday, 3 November 2013

Crack password protected zip files


Crack the password

 protected zip files using 

fcrackzip - Backtrack





We frequently use zipped files due to its small size and strong encryption algorithm. These zipped files comes with a facility of password protection which maintains the security of the files.
But sometimes this security feature turns into a drawback if we somehow forget the password. In that case the password cracker play their role. You can also use them if you downloaded a zipped file with password protection on it.
In my last article, if you followed then we learned to
 make a bootable USB of backtrack. So here I'm gonna introduce a tool which is present in Backtrack and if you have no past experience with Linux then no issues you can start from here. The open source tool we are gonna use is called fcrackzip.
fcrackzip is a fast password cracker partly written in assembler. It is able to crack password protected zip files with brute force or dictionary based attacks, optionally testing with unzip its results.


Here, for the demonstration I'm gonna make a file crackme.zip with a password abcde using winrar. You can also try with me from here.

1) Right click on the file > select add to archieve..
2) Under General tab select ZIP rather than RAR, then under Advanced tab > set Password
3) Suppose our final password protected zip file is crackme.zip (you can use your own)
4) Now copy this file on the desktop for ease in your Backtrack
5) Then click on the Top Right button saying Applications.
6) Navigate to Backtrack > Privilege Escalation > Password Attacks >Offline Attacks > fcrackzip
7) The following terminal screen will pop up


The fcrackzip is loaded with the following options:
-b brute force
-D dictionary Attack
-B benchmark
-c charset characterset
-h help
-V validate
-p init-password string
-l length min-max
-u use-unzip
-m method num
-2 modulo r/m

8) I'm going to apply the brute force attack for password cracking. So the following command will be useful...
fcrackzip -b -c a -l 1-6 /root/Desktop/crackme.zip
here,
-b > bruteforce
-c a > charset lower case alphabets
-l 1-6 > length of expected password

9) Hit Enter and wait for few minutes. fcrackzip combining with Backtrack turns into a more faster password cracking tool
10) That's it. It'll show the password after certain attempts.


Note: Brute force assures gurantee of the result but often take very much time even years for a very strong password to crack. If you use Encrypted language for the password then it may be impossible to apply the brute force. In such case do search for other working alternatives.

"The quieter you become, the more you are able to hear"