How to Crack a Password Protected Zip Files using Kali Linux

Today we’re going to crack password-protected zip files using Kali Linux Hacking tools. It doesn’t matter if you have Kali Linux, but you can still crack zip files using the Ubuntu distro or any other Linux distro.

However, if talk about Kali Linux it has a built-in tool called: fcrackzip but you can still use any other software available online for cracking zip files.

Don’t Miss: Cracking Password-Protected Zip Files, PDF’s And More Using Zydra

Let’s get started!

Crack a Password Protected Zip Files using fcrackzip

root@TheHackerToday:~# fcrackzip --help

fcrackzip version 1.0, a fast/free zip password cracker
written by Marc Lehmann <pcg@goof.com> You can find more info on
http://www.goof.com/pcg/marc/

USAGE: fcrackzip
          [-b|--brute-force]            use brute force algorithm
          [-D|--dictionary]             use a dictionary
          [-B|--benchmark]              execute a small benchmark
          [-c|--charset characterset]   use characters from charset
          [-h|--help]                   show this message
          [--version]                   show the version of this program
          [-V|--validate]               sanity-check the algortihm
          [-v|--verbose]                be more verbose
          [-p|--init-password string]   use string as initial password/file
          [-l|--length min-max]         check password with length min to max
          [-u|--use-unzip]              use unzip to weed out wrong passwords
          [-m|--method num]             use method number "num" (see below)
          [-2|--modulo r/m]             only calculcate 1/m of the password
          file...                    the zipfiles to crack

methods compiled in (* = default):

 0: cpmask
 1: zip1
*2: zip2, USE_MULT_TAB

Okay, now we know how to use fcrackzip but where we can find dictionaries for dictionary attack.

Kali Linux has many word-lists

root@TheHackerToday:~# locate wordlists

The most useful and which I use every time.

root@TheHackerToday:~# locate rockyou.txt /usr/share/wordlists/rockyou.txt

So, we’re going to use the rockyou.txt dictionary for a dictionary attack. If you’re unable to find your password from that dictionary you can use these.

Large Password Lists: Password Cracking Dictionary’s Download For Free

Let’s get started!

Crack a Password-Protected Zip File using Dictionary Attack

root@TheHackerToday:~/Desktop# fcrackzip -u -D -p /usr/share/wordlists/rockyou.txt fsociety.zip PASSWORD FOUND!!!!: pw == justdoit

As you can see we found our zip password through a dictionary attack. But it’s your call which settings you prefer or do this.

root@TheHackerToday:~# fcrackzip --help