Crack zip file password with FCrackzip

Fcrackzip is a tool that can be used to crack zip files encrypted with ZipCrypto algorithm through dictionary-based and brute-force attack.

The brute force attack can be configured to use the combination of lower,upper, numerical characters or with other symbols or punctuation marks.

Example usage:

  • fcrackzip -u -v -l 1-6 -c a
  • fcrackzip -u -v -l 1-6 -c aA1
  • fcrackzip -u -v -D -p wordlist-dict.txt (dictionary attack)

Switch Explanation:

  • -v : verbose output, display the progress of current crack, may slow the progress a little bit
  • -l : length of password to brute-force in this case (1 to 6 characters)
  • -c : character set to try (a – lower-alphabet, A-uppercase alphabet, 1-numeric, ! – include [!:$%&/()=?[]+*~#])
  • -u : verify the zip password in case of multiple possible matches

p/s: It is strongly suggested to use dictionary attack first before going down with brute-force as passwords longer than 6 characters may take (a long) time to crack. A collection of wordlist can be found at PacketStormSecurity website

Debian and Ubuntu users can get fcrackzip from the default apt-get repository.
Windows may download fcrackzip win32 binaries from website

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>