Hey Folks, in this tutorial we are going to talk about an third party ZIP file password cracking tool called “fcrackzip“. It is the best tool that gives us various options to decrypt encrypted zip files and crack the password of any compressed file. In this tutorial, we will demonstrate every feature of this tool and show you by cracking the password of protected zip file.
Note 😀 You can read the complete information about this tool from here.

Let’s take a look 🙂 !!

Installation

There are two methods for installing and configuring this tool on kali linux or any other operating system. The first way is to download this tool using the “wget” command and configure it using the “dpkg” command.

The other way is to install this tool directly using the following command if you are using the kali inux operating system.

Features

After successfully installing you can boot this tool using the following command and at the same time we can get some information about this tool by executing the “help” command.

Complete Info

Using the man command we can see all the user manuals of any specific command or tool.

System Benchmark

A unique feature of this tool is that we can see the actual benchmark score of our system by adding “B” letter in command.

Create ZIP File

The time has come to create a password protected zip file to demonstrate the use of this tool. We have also left a usage of command through which you can understand better.

Usage 🙂 !! zip –password < your password > < give zip file name > < files that you want compressed >

Cracking alphabet password protected file

You can easily crack the password if you have a minor knowledge about the password. In this case we knew that the password is completely in alphabetical letters, so as you can see the password is easily cracked.

  • -b = Bruteforce
  • -c = Charest
  • a’ = Alphabet Charset
  • 1′ = Numeric
  • ‘a1‘ = Alphabetical and Numeric
  • ‘!’ = Special Characters
  • ‘l’ = lenght

Cracking numeric password protected file

Thus, if the zip file is protected with numeric characters then you should try the following command. As we know the password is completely in numeric form that’s why we only add ‘1′ to the command to get a valid password.

Verbose Mode

We can activate verbose mode by adding “v” characters after which we can see some additional details about brute forcing.

Exclude Wrong Passwords

As you may have noticed, it also gives us the wrong password while cracking the password, so we can use the “-u” parameter to avoid this and to get the exact valid password.

Crack alphanumeric password protected file

Now the situation has become somewhat complicated because we do not know anything about the password, so what will we do in that case? Now we will take both alphabet and numeric characters in command and wait for it to crack. It takes some time but it has successfully cracked the password.

Minimum and Maximum Length

Now if you know anything about minimum and maximum length of password then you can mentioned in your command as like below.

Dictionary Attack

Sometimes you create your own wordlist to crack the password of zip files, in that case you can use your own wordlist using the following command.

Usgae 🙂 !! fcrackzip -D -p < your wordlist path > < zip fie >

Special Characters

You can include special characters in your brute force attack by adding “!” in command.

Example

Now we will combine all the feature once and try to crack the passphrase protected zip file. As you can see, cracking the password with the fcrackzip tool looks complicated.

Great 🙂 !! The results are in front of you and you can see that it has dumped the valid password of the zip file in a few seconds.

About the Author
Shubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.

1+

Leave a Reply