If you want to crack zip file passwords use fcrackzip.fcrackzip is a fast password cracker partly written in assembler. It is able to crack password protected zip files with brute force or dictionary based attacks, optionally testing with unzip its results.
Install fcrackzip in Ubuntu
sudo aptitude install fcrackzip
This will complete the installation.
[--brute-force] [--dictionary] [--benchmark] [--charset characterset] [--help] [--validate] [--verbose] [--init-password string/path] [--length min-max] [--use-unzip] [--method name] [--modulo r/m] file.
Prints the version number and (hopefully) some helpful insights.
Each -v makes the program more verbose.
Select brute force mode. This tries all possible combinations of the letters you specify.
Select dictionary mode. In this mode, fcrackzip will read passwords from a file, which must contain one password per line and should be alphabetically sorted (e.g. using (1)).
-c, –charset characterset-specification
Select the characters to use in brute-force cracking. Must be one of
a include all lowercase characters [a-z]
A include all uppercase characters [A-Z]
1 include the digits [0-9]
! include [!:$%&/()=?+*~#]
: the following characters upto the end of the spe-
cification string are included in the character set.
This way you can include any character except binary
null (at least under unix).
For example, a1:$% selects lowercase characters, digits and the dollar and percent signs.
-p, –init-password string
Set initial (starting) password for brute-force searching to string, or use the file with the name string to supply passwords for dictionary searching.
-l, –length min[-max]
Use an initial password of length min, and check all passwords upto passwords of length max (including). You can omit the max parameter.
Try to decompress the first file by calling unzip with the guessed password. This weeds out false positives when not enough files have been given.
-m, –method name
Use method number “name” instead of the default cracking method. The switch –help will print a list of available methods. Use –benchmark to see which method does perform best on your machine. The name can also be the number of the method to use.
-2, –modulo r/m
Calculate only r/m of the password. Not yet supported.
Make a small benchmark, the output is nearly meaningless.
Make some basic checks wether the cracker works.
fcrackzip -c a -p aaaaaa sample.zip
checks the encrypted files in sample.zip for all lowercase 6 character passwords (aaaaaa … abaaba … ghfgrg … zzzzzz).
--method cpmask --charset A --init AAAA test.ppm
checks the obscured image test.ppm for all four character passwords. -TP fcrackzip -D -p passwords.txt sample.zip check for every password listed in the file passwords.txt.