Crack the password protected zip files using fcrackzip - Backtrack
We frequently use zipped files because of their small size and strong encryption algorithm. These zipped files come with a password protection facility, which maintains the security of the files.
But sometimes this security feature turns into a drawback if we somehow forget the password. In that case password crackers play their role. You can also use them if you downloaded a zipped file with password protection on it.
In my last article, if you followed along, we learned to make a bootable USB of Backtrack. So here I'm gonna introduce a tool which is present in Backtrack, and if you have no past experience with Linux then no issues, you can start from here. The open source tool we are gonna use is called fcrackzip.
fcrackzip is a fast password cracker partly written in assembler. It is able to crack password protected zip files with brute force or dictionary based attacks, optionally testing with unzip its results.
Here, for the demonstration, I'm gonna make a file crackme.zip with a password abcde using WinRAR. You can also try with me from here.
1) Right click on the file > select Add to archive...
2) Under the General tab select ZIP rather than RAR, then under the Advanced tab > Set Password
3) Suppose our final password protected zip file is crackme.zip (you can use your own)
4) Now copy this file to the desktop in your Backtrack for ease
5) Then click on the top right button saying Applications.
6) Navigate to Backtrack > Privilege Escalation > Password Attacks > Offline Attacks > fcrackzip
7) The following terminal screen will pop up
fcrackzip is loaded with the following options:
-b    brute force
-D    dictionary attack
-B    benchmark
-c    charset characterset
-h    help
-V    validate
-p    init-password string
-l    length min-max
-u    use-unzip
-m    method num
-2    modulo r/m
8) I'm going to apply the brute force attack for password cracking. So the following command will be useful...
fcrackzip -b -c a -l 1-6 /root/Desktop/crackme.zip
here,
-b      > brute force
-c a    > charset: lower case alphabets
-l 1-6  > length of expected password
9) Hit Enter and wait for a few minutes. fcrackzip combined with Backtrack turns into a faster password cracking tool
10) That's it. It'll show the password after a certain number of attempts.
Note: Brute force guarantees a result but often takes a very long time, even years, to crack a very strong password. If you use Encrypted language for the password then it may be impossible to apply the brute force. In such a case do search for other working alternatives.
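To put numbers on the note above, the following added example (not part of the original article or of fcrackzip) computes how many candidates a given -c charset and -l length range produce and how long a full sweep would take. The guess rate is an assumed figure, and the "!" punctuation set is reproduced from the fcrackzip man page as an assumption; check both against your installation.

```python
import string

# Character classes accepted by fcrackzip's -c option.
# The "!" set is an assumption taken from the man page; verify on your version.
CLASSES = {
    "a": string.ascii_lowercase,
    "A": string.ascii_uppercase,
    "1": string.digits,
    "!": "!:$%&/()=?[]+*~#",
}

def charset_from_spec(spec):
    """Expand a -c spec such as 'a', 'aA1' or 'a1:_-' into a set of characters."""
    chars = set()
    for i, c in enumerate(spec):
        if c == ":":                      # everything after ':' is taken literally
            chars.update(spec[i + 1:])
            break
        if c not in CLASSES:
            raise ValueError(f"unknown charset class {c!r}")
        chars.update(CLASSES[c])
    return chars

def keyspace(spec, length_range):
    """Total candidates for a -c spec and a -l 'min-max' (or single) length."""
    lo, _, hi = length_range.partition("-")
    lo, hi = int(lo), int(hi or lo)
    n = len(charset_from_spec(spec))
    return sum(n ** k for k in range(lo, hi + 1))

def worst_case_seconds(spec, length_range, guesses_per_second):
    """Time to try every candidate at a constant guess rate."""
    return keyspace(spec, length_range) / guesses_per_second

def human(seconds):
    """Render a duration in the largest sensible unit."""
    for unit, size in (("years", 31_536_000), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.1f} seconds"

if __name__ == "__main__":
    RATE = 1_000_000  # assumed guesses/second; measure yours with fcrackzip -B
    for spec, rng in (("a", "1-6"), ("a", "1-10"), ("aA1", "1-8"), ("aA1!", "1-12")):
        secs = worst_case_seconds(spec, rng, RATE)
        print(f"-c {spec:<4} -l {rng:<5} {keyspace(spec, rng):>26,} candidates, "
              f"worst case {human(secs)}")
```

The first row is the command from step 8: a few minutes at the assumed rate, which is why abcde falls quickly, while each extra character class or added length multiplies the work.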
"The quieter you become, the
more you are able to hear"