How to bruteforce ZIP files

Author: Marc Lehmann
License: Open Source
Software: FCrackZip
Date created: Before 2008
Updated: No
Website: FCrackZip

0xL1NK#~ FCrackZip Manpages

Last updated: 27 march 2019

  1. Description

    fcrackzip searches each zipfile given for encrypted files and tries to guess the password. All files must be encrypted with the same password, the more files you provide, the better.

  2. Bruteforce the ZIP

    The command below will bruteforce file.zip with a given wordlist. In this case the wordlist is the well known rockyou.txt.

    # Syntax fcrackzip -u -D -p [wordlist] [ZIP file] # Example fcrackzip -u -D -p ~/rockyou.txt ~/file.zip

    -u : Try to decompress the first file by calling unzip with the guessed password. This weeds out false positives when not enough files have been given.

    -D : Select dictionary mode. In this mode, fcrackzip will read passwords from a file, which must contain one password per line and should be alphabetically sorted.

    -p : Set initial (starting) password for brute-force searching to string, or use the file with the name string to supply passwords for dictionary searching.

** For more information, check out the extra links and sources. **