Do you sometimes end up with an encrypted zip file that you can't remember the password for? Usually I have some idea of what the password may be; other times I am completely at a loss. In either case John the Ripper (jtr) is going to be a big help. If you have some guesses of what the password may be, put them in a text file. You don't need to bother entering permutations like 'mybestguess1': we are going to let john handle common permutations, so you would just enter 'mybestguess' in the text file. An example of my 'lame' dictionary file looks like this:
On the other hand, maybe you just need to try a huge number of passwords. In that case I suggest you download a large wordlist such as the rockyou dictionary.
Here is a quick bash script that joins unzip and john together to make your life a little easier:
#!/bin/bash
echo "ZIP-JTR Decrypt Script"
if [ $# -ne 2 ]; then
    echo "Usage: $0 <zipfile> <wordlist>"
    exit 1
fi
unzip -l "$1"
# john expands the wordlist with its default rule set and prints the candidates;
# read -r keeps each candidate intact (a for loop over $(...) would split on
# whitespace and mangle backslashes).
john --wordlist="$2" --rules --stdout | while IFS= read -r i; do
    echo -ne "\rtrying \"$i\" "
    # unzip exits 0 only when the password decrypts the entry and the CRC matches.
    unzip -o -P "$i" "$1" >/dev/null 2>&1
    STATUS=$?
    if [ $STATUS -eq 0 ]; then
        echo -e "\nArchive password is: \"$i\""
        break
    fi
done
This is what a simple test run looks like:
$ ./zip-jtr.sh lame.zip lame.dic
ZIP-JTR Decrypt Script
Archive:  lame.zip
  Length      Date    Time    Name
---------  ---------- -----   ----
       36  2012-08-18 04:37   lame.txt
---------                     -------
       36                     1 file
words: 405  time: 0:00:00:00 100%  w/s: 1557  current: Lamepassing
trying "lamepass1"
Archive password is: "lamepass1"
It is probably a good idea to create a new directory, drop this script, your dictionary and the zip into it, and run from there. The reason is that the unzip -o option will clobber any existing files with the same names as the archive's contents. If you only want the password and not the extracted files, unzip -t (test mode) combined with -P performs the same password and CRC check without writing anything to disk.
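The script above delegates the real work to john (candidate generation) and unzip (password verification). To show what that verification actually is, here is an added Python example, not code from the original post or from john: it implements ZipCrypto (the traditional PKWARE cipher that unzip -P and john's pkzip format deal with), hand-writes a small stored, encrypted archive in memory (Python's zipfile can read but not write ZipCrypto, and the archive contents are constructed sample data standing in for lame.zip), applies a few john-style rules to a dictionary, and cracks it the way john does: a one-byte check against the 12-byte encryption header, then a full decrypt and CRC-32 check through zipfile for anything that passes, because roughly 1 in 256 wrong passwords survives the header check. The names mangle, build_zipcrypto_archive, crack, SAMPLE_ZIP and LAME_DIC are chosen here and are not from the page.

```python
"""ZipCrypto ("traditional PKWARE encryption") password check, in the style of john + unzip."""
import struct
import zipfile
import zlib
from io import BytesIO

# Reflected CRC-32 table (polynomial 0xEDB88320); ZipCrypto updates two of its
# three key registers one byte at a time with it.
_CRC_TABLE = []
for _i in range(256):
    _c = _i
    for _ in range(8):
        _c = (_c >> 1) ^ 0xEDB88320 if _c & 1 else _c >> 1
    _CRC_TABLE.append(_c)


def _crc32_byte(crc: int, b: int) -> int:
    return (crc >> 8) ^ _CRC_TABLE[(crc ^ b) & 0xFF]


class ZipCrypto:
    """PKWARE stream cipher (APPNOTE 6.1), keyed by running the password through the key update."""

    def __init__(self, password: bytes):
        self.k0, self.k1, self.k2 = 0x12345678, 0x23456789, 0x34567890
        for b in password:
            self._update(b)

    def _update(self, plain: int) -> None:
        self.k0 = _crc32_byte(self.k0, plain)
        self.k1 = (self.k1 + (self.k0 & 0xFF)) & 0xFFFFFFFF
        self.k1 = (self.k1 * 134775813 + 1) & 0xFFFFFFFF
        self.k2 = _crc32_byte(self.k2, self.k1 >> 24)

    def _keystream_byte(self) -> int:
        t = (self.k2 | 2) & 0xFFFF
        return ((t * (t ^ 1)) >> 8) & 0xFF

    def encrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for p in data:
            out.append(p ^ self._keystream_byte())
            self._update(p)  # the keys advance on the plaintext byte, not the ciphertext
        return bytes(out)

    def decrypt(self, data: bytes) -> bytes:
        out = bytearray()
        for c in data:
            p = c ^ self._keystream_byte()
            self._update(p)
            out.append(p)
        return bytes(out)


def build_zipcrypto_archive(name: bytes, data: bytes, password: bytes) -> bytes:
    """Hand-write a one-entry, stored, ZipCrypto-encrypted zip. The 12-byte encryption
    header is 11 filler bytes (random in real writers, fixed here for determinism) plus
    the high byte of the CRC-32: the only value a password is checked against up front."""
    crc = zlib.crc32(data) & 0xFFFFFFFF
    body = ZipCrypto(password).encrypt(b"\x00" * 11 + bytes([crc >> 24]) + data)
    flags, dos_time, dos_date = 0x0001, 9376, 16658  # bit 0 = encrypted; 2012-08-18 04:37
    local = struct.pack("<IHHHHHIIIHH", 0x04034B50, 20, flags, 0, dos_time, dos_date,
                        crc, len(body), len(data), len(name), 0) + name
    central = struct.pack("<IHHHHHHIIIHHHHHII", 0x02014B50, 20, 20, flags, 0, dos_time,
                          dos_date, crc, len(body), len(data), len(name), 0, 0, 0, 0, 0, 0) + name
    eocd = struct.pack("<IHHHHIIH", 0x06054B50, 0, 0, 1, 1, len(central), len(local) + len(body), 0)
    return local + body + central + eocd


def mangle(word: str):
    """A handful of the cheap permutations john's --rules would apply to each dictionary word."""
    yield word
    yield word.capitalize()
    yield word.upper()
    for digit in "0123456789":
        yield word + digit


def crack(zip_bytes: bytes, words):
    """Return (password, candidates_tried); password is None if the wordlist is exhausted.
    Assumes one ZipCrypto entry without a data descriptor (flag bit 3 clear), so the
    check byte is CRC>>24 rather than the high byte of the DOS time."""
    with zipfile.ZipFile(BytesIO(zip_bytes)) as zf:
        info = zf.infolist()[0]
        if not info.flag_bits & 0x1 or info.flag_bits & 0x8:
            raise ValueError("expects a ZipCrypto entry without a data descriptor")
        off = info.header_offset
        name_len, extra_len = struct.unpack_from("<HH", zip_bytes, off + 26)
        start = off + 30 + name_len + extra_len
        enc_header = zip_bytes[start:start + 12]
        check_byte = (info.CRC >> 24) & 0xFF
        tries = 0
        for word in words:
            for cand in mangle(word):
                tries += 1
                pwd = cand.encode()
                # Fast reject, as john does: decrypt only 12 bytes and compare the last one.
                if ZipCrypto(pwd).decrypt(enc_header)[11] != check_byte:
                    continue
                # About 1 in 256 wrong passwords survives that, so confirm with a full
                # decrypt and CRC-32 check (what unzip does before exiting 0).
                try:
                    zf.read(info, pwd=pwd)
                    return cand, tries
                except (RuntimeError, zipfile.BadZipFile):
                    continue
        return None, tries


# Constructed sample standing in for the post's lame.zip and lame.dic (not the real files).
SAMPLE_ZIP = build_zipcrypto_archive(b"lame.txt", b"the password is in the dictionary\n", b"lamepass1")
LAME_DIC = ["password", "letmein", "lamepass"]

if __name__ == "__main__":
    print(crack(SAMPLE_ZIP, LAME_DIC))  # ('lamepass1', 31)
```

The archive is written by hand only because the standard library cannot produce ZipCrypto output; the cracking side reads it back through zipfile, so a mistake in the cipher would show up as a failed CRC rather than a false success. The header test is the whole reason dictionary attacks on these archives run at thousands of candidates per second: a wrong password costs twelve cipher bytes, not a full extraction.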