Crack zip file password with FCrackzip

Fcrackzip is a tool that can be used to crack zip files encrypted with ZipCrypto algorithm through dictionary-based and brute-force attack.

The brute force attack can be configured to use the combination of lower,upper, numerical characters or with other symbols or punctuation marks.

Example usage:

  • fcrackzip -u -v -l 1-6 -c a
  • fcrackzip -u -v -l 1-6 -c aA1
  • fcrackzip -u -v -D -p wordlist-dict.txt (dictionary attack)

Switch Explanation:

  • -v : verbose output, display the progress of current crack, may slow the progress a little bit
  • -l : length of password to brute-force in this case (1 to 6 characters)
  • -c : character set to try (a – lower-alphabet, A-uppercase alphabet, 1-numeric, ! – include [!:$%&/()=?[]+*~#])
  • -u : verify the zip password in case of multiple possible matches

p/s: It is strongly suggested to use dictionary attack first before going down with brute-force as passwords longer than 6 characters may take (a long) time to crack. A collection of wordlist can be found at PacketStormSecurity website

Debian and Ubuntu users can get fcrackzip from the default apt-get repository.
Windows may download fcrackzip win32 binaries from website

Recommended Reading