StackZero
  • Homepage
  • Categories
    • Basics
    • Cryptography and Privacy
    • Ethical Hacking
      • Web Security
      • Network Security
    • Reverse Engineering
      • Malware Analysis
  • Contacts
No Result
View All Result
StackZero
No Result
View All Result

How to Easily Create a zip password cracker in Just Seconds!

May 19, 2022
in Cryptography and Privacy
0 0
Crack zip password
0
SHARES
60
VIEWS
Share on FacebookShare on Twitter

If you’ve ever forgotten a password for a zip file, you know how frustrating it can be.
There’s no need to worry anymore because in this article we’ll show you how to crack a zip password using a dictionary attack.
Usually, zip files are protected with very simple passwords.
With a dictionary attack, you can use a list of common passwords to try and guess the password for a zip file. This is a very effective method, and it’s easy to do. So let’s get started to code our zip password cracker!

Table of Contents

  • Prerequisites
  • The code
  • The main method
  • How to launch zip password cracker
  • Conclusion and improvements
  • Further readings

Prerequisites

In order to complete the project you just need:

  • Python
  • pyzipper library
  • progress library
  • A good wordlist (Check on google or look here)

You don’t need anything more, so we can start with the code.

The code

Imports:

from optparse import OptionParser
import pyzipper
from progress.bar import Bar

Auxiliary methods

def get_wordlist(wordlist_file):
    with open(wordlist_file, 'r') as f:
        return f.read().split('\n')

The first method gets the wordlist from a file and saves it into a file (if the list is too big, think to use a generator).

def extract(file_name):

    with pyzipper.AESZipFile(file_name, 'r') as f:
        f.extractall(pwd = bytes(p, 'utf-8'))

This is the method that extracts the file.

The main method

if __name__ == "__main__":



    parser = OptionParser()
    parser.add_option("-f", "--file", dest="filename",
                        help="compressed file", metavar="FILE")
    parser.add_option("-w", "--wordlist", dest="wordlist", 
                        help="Select the wordlist", metavar="WORDLIST")

    (options, args) = parser.parse_args()
    print(options.wordlist)
    for p in Bar('Processing').iter(get_wordlist(options.wordlist)):
        try:
            extract(options.filename)
            print(f"\n[+] Password found: {p}")
            break
        except RuntimeError as e:
            pass

The first part is just an argument’s parsing, easy to understand.
The extract generates an Exception in case of failure, so into the for loop we try the extract until it doesn’t throw the RuntimeException.

How to launch zip password cracker

Let’s see the complete code:

from optparse import OptionParser
import pyzipper
from progress.bar import Bar

def get_wordlist(wordlist_file):
    with open(wordlist_file, 'r') as f:
        return f.read().split('\n')


def extract(file_name):

    with pyzipper.AESZipFile(file_name, 'r') as f:
        f.extractall(pwd = bytes(p, 'utf-8'))       

if __name__ == "__main__":

    parser = OptionParser()
    parser.add_option("-f", "--file", dest="filename",
                        help="compressed file", metavar="FILE")
    parser.add_option("-w", "--wordlist", dest="wordlist", 
                        help="Select the wordlist", metavar="WORDLIST")

    (options, args) = parser.parse_args()
    print(options.wordlist)
    for p in Bar('Processing').iter(get_wordlist(options.wordlist)):
        try:
            extract(options.filename)
            print(f"\n[+] Password found: {p}")
            break
        except RuntimeError as e:
            pass

After saving our script in a file called main.py we can launch it with the following command:

python3 main.py -f test.zip -w wordlist.dic

The output will be something similar to this:

Processing |########################        | 21168/27608
[+] Password found: roland

Conclusion and improvements

With this project, you can see how easy is an attack on a zip password-protected file, so try to use the most secure ones for your important files.

You can also try to make some improvements, you could add numbers to the ends, or maybe you can merge words from two files.

Further readings

If you liked to write the zip password cracker in python, you may want to read those articles:

  • Write subdomain scanner in python
  • Create a network scanner in python
Subdomain scanner made easy – with Python!
Trending
Subdomain scanner made easy – with Python!

Tags: attackbruteforcecrackdictionaryenumerationpasswordpythonpyzipperwordlistzip
Previous Post

How to easily encrypt file in Python

Next Post

How to Hide Messages in Pictures with Python: Steganography

Next Post
Steganography with Python

How to Hide Messages in Pictures with Python: Steganography

You might also like

Hack File Inclusion in DVWA: A Full Walkthrough

Hack File Inclusion in DVWA: A Full Walkthrough

January 18, 2023
How To Exploit File Inclusion Vulnerabilities: A Beginner’s Introduction.

How To Exploit File Inclusion Vulnerabilities: A Beginner’s Introduction.

December 15, 2022
What is unrestricted file upload vulnerability? And How to exploit it on DVWA!

What is unrestricted file upload vulnerability? And How to exploit it on DVWA!

November 29, 2022
How To Exploit CSRF In DVWA

How To Exploit CSRF In DVWA

November 23, 2022
CSRF intro featured

CSRF Introduction: What you need to know!

November 15, 2022
Bruteforce attack

How to Brute Force DVWA login with Python

November 3, 2022

StackZero

StackZero is a technical coding blog that focuses on cybersecurity. It mainly offers articles and tutorials that teach readers how to write security tools.
The blog covers a wide range of topics, from the basics of cryptography to the more advanced topics of exploitation and reverse engineering.

Tags

application security blind sqli blind sql injection bruteforce c certification command injection csrf csrf attack cybersecurity dom-based xss dvwa ethical-hacking exploitation file inclusion file upload hacking injection javascript kali linux local file inclusion malware malware analysis network-security penetration testing pentesting lab python reflected xss registry remote file inclusion security shellcode sql sqli sql injection stored xss virtual machine vulnerable application web application security web exploitation web security windows windows api windows virtual machine xss
  • Contacts
  • HomePage
  • Privacy Policy
  • Terms and Conditions

No Result
View All Result
  • Homepage
  • Categories
    • Basics
    • Cryptography and Privacy
    • Ethical Hacking
      • Web Security
      • Network Security
    • Reverse Engineering
      • Malware Analysis
  • Contacts

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In