FcrackZip | How to Crack Zip File Password?

In this tutorial, we’ll use FcrackZip to recover the password of a ZIP file that is protected with an unknown password. We’ll use both brute forcing and a dictionary attack to recover it.

FcrackZip

About

Fcrackzip is a popular password recovery tool for password-protected ZIP files. It’s an open source application that comes pre-installed in Kali Linux.

Fcrackzip can run both brute-force and dictionary attacks against a ZIP file. It’s written in Assembly, and therefore the results are impressive.

Preparing for the Attack!

As usual, we’ll crack the password of our own ZIP file, not anyone else’s.

First, we need to install a zip program on our machine so that we can create ZIP files. Install it with the following command:

  • apt-get install zip

Now, we’ll create a password-protected ZIP file with the following command:

  • zip --password 1234 file.zip file.txt

Fcrackzip Commands

Here are the basic fcrackzip options. You can view the full, current list with the following commands:

  • fcrackzip --help
  • man fcrackzip

[-b|--brute-force] use brute force algorithm
[-D|--dictionary] use a dictionary
[-B|--benchmark] execute a small benchmark
[-c|--charset characterset] use characters from charset
[-h|--help] show this message
[--version] show the version of this program
[-V|--validate] sanity-check the algorithm
[-v|--verbose] be more verbose
[-p|--init-password string] use string as initial password/file
[-l|--length min-max] check password with length min to max
[-u|--use-unzip] use unzip to weed out wrong passwords
[-m|--method num] use method number “num” (see below)
[-2|--modulo r/m] only calculate 1/m of the password file…

Bruteforcing Against Zip File

A brute-force attack is a password attack in which every possible combination of English letters and characters is tried as a potential password.

Brute forcing guarantees success, but the time required depends on the length and complexity of the password. Passwords longer than 6 characters require too much time (months to years) to crack, which makes the whole process infeasible.

Let’s try to recover the ZIP password using FcrackZip with the following command:

  • fcrackzip -u -c Aa1 -p aaaaa file.zip

If you know the length of the password, enter the length range with -l:

  • fcrackzip -v -m zip6 -l 1-8 -u file.zip

Options Explained:

  • -c is for the characters used to form possible passwords
  • -u uses the unzip program to filter out incorrect passwords
  • -m is for the method used
  • -v is for verbose

Here, file.zip is the password-protected ZIP file, and the options are defined above (refer to Fcrackzip Commands).


Dictionary Attack against Zip file!

A dictionary attack is only as good as the dictionary itself. If you have a few hundred passwords in your dictionary list, your chances are lower than with a file holding a few thousand passwords.

Not to mention, if you have around a million passwords in your dictionary file, your chances of success are higher. But when the dictionary file grows too big, the overall attack turns into brute forcing rather than a dictionary attack (which uses selected passwords).

Dictionary attacks are faster than brute forcing, but they don’t guarantee success.

Now, to perform a dictionary attack on a protected ZIP file, we use the following command:

  • fcrackzip -v -D -u -p /usr/share/dict/words.txt secret.zip

Options Explained:

  • -D is for dictionary attack
  • -u uses the unzip program to filter out incorrect passwords
  • -p is for the password dictionary file
  • -v is for verbose

Countermeasures against Password Cracking!

You can try the following countermeasures:

  • Don’t share your files even if they are password protected.
  • Always choose strong passwords that would take at least a few hundred years to crack.
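
To put a number on the second countermeasure, the Python sketch below (an added example, not part of the original tutorial or of fcrackzip) counts the candidates an exhaustive search over a -c character set and -l length range must cover and converts that into worst-case time. The guess rate is an assumed, constructed figure; replace it with a rate measured on your own hardware. Only the a, A and 1 classes from the "-c Aa1" command above are handled.

```python
import string

# Character classes for the -c specification; only the ones used in "-c Aa1".
CLASSES = {"a": string.ascii_lowercase,
           "A": string.ascii_uppercase,
           "1": string.digits}
SECONDS_PER_YEAR = 365 * 24 * 3600
ASSUMED_RATE = 1_000_000  # guesses per second: constructed figure, not a measurement

def charset_size(spec):
    """Number of distinct characters selected by a -c style specification."""
    chars = set()
    for token in spec:
        if token not in CLASSES:
            raise ValueError(f"unsupported charset token: {token!r}")
        chars.update(CLASSES[token])
    return len(chars)

def parse_length(spec):
    """Parse a -l style 'min-max' (or single 'n') length range."""
    lo, _, hi = spec.partition("-")
    lo, hi = int(lo), int(hi or lo)
    if lo < 1 or hi < lo:
        raise ValueError(f"bad length range: {spec!r}")
    return lo, hi

def keyspace(charset_spec, length_spec):
    """Total candidates an exhaustive search over the range must cover."""
    n = charset_size(charset_spec)
    lo, hi = parse_length(length_spec)
    return sum(n ** k for k in range(lo, hi + 1))

def worst_case_years(charset_spec, length_spec, rate=ASSUMED_RATE):
    """Years needed to try every candidate at `rate` guesses per second."""
    return keyspace(charset_spec, length_spec) / (rate * SECONDS_PER_YEAR)

def min_length_for(charset_spec, years, rate=ASSUMED_RATE):
    """Shortest fixed length whose full search takes at least `years`."""
    n = charset_size(charset_spec)
    if n < 2:
        raise ValueError("need at least two distinct characters")
    target = years * SECONDS_PER_YEAR * rate
    length = 1
    while n ** length < target:
        length += 1
    return length

if __name__ == "__main__":
    for length in (4, 6, 8, 10, 12):
        print(f"Aa1 length {length:2}: {worst_case_years('Aa1', str(length)):.3g} years")
    print("length for 300 years:", min_length_for("Aa1", 300))
```

The result scales linearly with the guess rate, so a tenfold faster cracker divides every figure by ten; adding one character multiplies it by the size of the character set.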
