Cracking a zip using John the Ripper (jtr)

Do you sometimes end up with an encrypted zip file that you can’t remember the password for? I usually have some idea of what the password may be, and other times I am completely at a loss. In either case jtr is going to be a big help. If you have some guesses of what the password may be, you can throw them into a text file. You don’t need to bother entering permutations like ‘mybestguess1’; we are going to let john handle common permutations. So instead you would just enter ‘mybestguess’ into the text file. An example of my ‘lame’ dictionary file looks like this:

foo
bar
secret
lame
lamepass
pass
love

On the other hand, maybe you just need to try a huge number of passwords. In that case I suggest you download a massive dictionary file like the rockyou dictionary.
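To get a feel for what the --rules option is doing for you, here is a small stand-in I have added for this write-up (it is not john's own rule engine, which lives in john.conf and is far more thorough, and the function name mangle is mine): it reads base words on stdin and prints candidates the way john --rules --stdout would, so you can pipe your dictionary through it and see why the base word alone is enough.

```shell
#!/bin/bash
# mangle: read one base word per line on stdin, print candidates on stdout.
# Illustrative only: these are a handful of the rule types john applies
# (as typed, Capitalised, UPPERCASE, a digit appended, a common suffix);
# the real rule set is much larger.
mangle() {
    awk 'NF == 0 { next }                              # skip blank lines
         {
             print $0                                  # the word as typed
             print toupper(substr($0, 1, 1)) substr($0, 2)   # Capitalised
             print toupper($0)                         # UPPERCASE
             for (d = 0; d <= 9; d++) print $0 d       # append one digit
             print $0 "123"                            # common suffixes
             print $0 "!"
         }' | awk '!seen[$0]++'                        # drop duplicates, keep order
}

# Usage: mangle < lame.dic  (or compare with: john --wordlist=lame.dic --rules --stdout)
```

Each base word expands to fifteen candidates here; john's default rules produce far more, which is why a short dictionary of plain guesses goes a long way.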

Here is a quick bash script that joins unzip and john together to make your life a little easier:

#!/bin/bash
echo "ZIP-JTR Decrypt Script"
if [ $# -ne 2 ]; then
    echo "Usage: $0 <zipfile> <wordlist>"
    exit 1
fi
# Show what is in the archive first
unzip -l "$1"
# Let john expand the wordlist with its rules and read one candidate per line.
# read -r keeps candidates containing spaces or backslashes intact, which the
# unquoted for-loop version would have split apart or glob-expanded.
john --wordlist="$2" --rules --stdout | while IFS= read -r i; do
    echo -ne "\rtrying \"$i\" "
    # -o overwrites existing files, so run this from a scratch directory
    if unzip -o -P "$i" "$1" >/dev/null 2>&1; then
        echo -e "\nArchive password is: \"$i\""
        break
    fi
done

This is what a simple test run looks like:

$ ./zip-jtr.sh lame.zip lame.dic 
ZIP-JTR Decrypt Script
Archive: lame.zip
 Length Date Time Name
--------- ---------- ----- ----
 36 2012-08-18 04:37 lame.txt
--------- -------
 36 1 file
words: 405 time: 0:00:00:00 100% w/s: 1557 current: Lamepassing
trying "lamepass1" 
Archive password is: "lamepass1"

It's probably a good idea to create a new directory, drop this script, your dictionary and the zip into it, and run it from there. The reason is that the unzip -o option will clobber any existing files that have the same names as the files in the archive.

Have fun!
