May be it is an old trick in sec world, but i'm just divide it for us cause this morning there's some one give me a zip file which he has forgot the password of it and he asked me to crack its password. How to crack a zip's password?
My firs step is searching some tools which there is in my PC, and i've found "fcrackzip".
Can it work? i'll know if i've try it.
Now look a manual using of it with command :
root@victim:~# fcrackzip -h
fcrackzip version 1.0, a fast/free zip password cracker
written by Marc Lehmann <pcg@goof.com> You can find more info on
http://www.goof.com/pcg/marc/
USAGE: fcrackzip
[-b|--brute-force] use brute force algorithm
[-D|--dictionary] use a dictionary
[-B|--benchmark] execute a small benchmark
[-c|--charset characterset] use characters from charset
[-h|--help] show this message
[--version] show the version of this program
[-V|--validate] sanity-check the algortihm
[-v|--verbose] be more verbose
[-p|--init-password string] use string as initial password/file
[-l|--length min-max] check password with length min to max
[-u|--use-unzip] use unzip to weed out wrong passwords
[-m|--method num] use method number "num" (see below)
[-2|--modulo r/m] only calculcate 1/m of the password
file... the zipfiles to crack
methods compiled in (* = default):
0: cpmask
1: zip1, TARGET_CPU=0
2: zip2, TARGET_CPU=0, USE_MULT_TAB
3: zip3, TARGET_CPU=5
4: zip4, TARGET_CPU=5, USE_MULT_TAB
5: zip5, TARGET_CPU=6
*6: zip6, TARGET_CPU=6, USE_MULT_TAB
I'm try using its option one by one, but i haven't understand the true way to use it.
I have more time to understad it and finaly i've found a way to use it too. ^_^
Let's try it, first step we must describe some possible which using to make a password of that's zip file.
I think it password have length 8 character, there's an uppercase and lowercase characters, and may be use an numeric too. (it's just my opinions)
I'm trying crack it with a command :
root@victim:~# fcrackzip -u -c a -p aaaa File.zip
root@victim:~#
It have exit, may be it can't found a password. Now i'll try crack it with my probably. And its command become as :
root@victim:~# fcrackzip -u -c Aa1 -l 0-8 File.zip
PASSWORD FOUND!!!!: pw == close
root@victim:~#
Bingo!!! i've found its password although i've missing 3hour times to crack it.
If i've know the password have length 5 char and just there's a lowercase char, the command enough using :
root@victim:~# fcrackzip -u -c a -p aaaaa File.zip
PASSWORD FOUND!!!!: pw == close
root@victim:~#
NOTE :
if we don't use option "-u", then the result just give us an 'possible pw found'
Option "-c Aa1" it have meaning that character is A(uppercase), a(lowercase), and 1(numeric).
Option "-l 0-8" it have meaning that length of a password's chars probably there's 0 to 8 chars.
Option "-p aaaaa" it have meaning that length of a password's chars just there's 5 chars.
1 comments:
asholole
Post a Comment