How to Easily Create a zip password cracker in Just Seconds!

If you’ve ever forgotten a password for a zip file, you know how frustrating it can be.
There’s no need to worry anymore because in this article we’ll show you how to crack a zip password using a dictionary attack.
Usually, zip files are protected with very simple passwords.
With a dictionary attack, you can use a list of common passwords to try and guess the password for a zip file. This is a very effective method, and it’s easy to do. So let’s get started to code our zip password cracker!

Prerequisites

In order to complete the project you just need:

• Python
• pyzipper library
• progress library
• A good wordlist (Check on google or look here)

You don’t need anything more, so we can start with the code.

The code

Imports:

from optparse import OptionParser
import pyzipper
from progress.bar import Bar

Auxiliary methods

def get_wordlist(wordlist_file):
    with open(wordlist_file, 'r') as f:
        return f.read().split('\n')

The first method gets the wordlist from a file and saves it into a file (if the list is too big, think to use a generator).

def extract(file_name):

    with pyzipper.AESZipFile(file_name, 'r') as f:
        f.extractall(pwd = bytes(p, 'utf-8'))

This is the method that extracts the file.

The main method

if __name__ == "__main__":



    parser = OptionParser()
    parser.add_option("-f", "--file", dest="filename",
                        help="compressed file", metavar="FILE")
    parser.add_option("-w", "--wordlist", dest="wordlist", 
                        help="Select the wordlist", metavar="WORDLIST")

    (options, args) = parser.parse_args()
    print(options.wordlist)
    for p in Bar('Processing').iter(get_wordlist(options.wordlist)):
        try:
            extract(options.filename)
            print(f"\n[+] Password found: {p}")
            break
        except RuntimeError as e:
            pass

The first part is just an argument’s parsing, easy to understand.
The extract generates an Exception in case of failure, so into the for loop we try the extract until it doesn’t throw the RuntimeException.

How to launch zip password cracker

Let’s see the complete code:

from optparse import OptionParser
import pyzipper
from progress.bar import Bar

def get_wordlist(wordlist_file):
    with open(wordlist_file, 'r') as f:
        return f.read().split('\n')


def extract(file_name):

    with pyzipper.AESZipFile(file_name, 'r') as f:
        f.extractall(pwd = bytes(p, 'utf-8'))       

if __name__ == "__main__":

    parser = OptionParser()
    parser.add_option("-f", "--file", dest="filename",
                        help="compressed file", metavar="FILE")
    parser.add_option("-w", "--wordlist", dest="wordlist", 
                        help="Select the wordlist", metavar="WORDLIST")

    (options, args) = parser.parse_args()
    print(options.wordlist)
    for p in Bar('Processing').iter(get_wordlist(options.wordlist)):
        try:
            extract(options.filename)
            print(f"\n[+] Password found: {p}")
            break
        except RuntimeError as e:
            pass

After saving our script in a file called main.py we can launch it with the following command:

python3 main.py -f test.zip -w wordlist.dic

The output will be something similar to this:

Processing |########################        | 21168/27608
[+] Password found: roland

Conclusion and improvements

With this project, you can see how easy is an attack on a zip password-protected file, so try to use the most secure ones for your important files.

You can also try to make some improvements, you could add numbers to the ends, or maybe you can merge words from two files.

Further readings

If you liked to write the zip password cracker in python, you may want to read those articles:

• Write subdomain scanner in python
• Create a network scanner in python

Trending

How to easily change your Windows Mac Address in Python