fcrackzip - Examples of Usage (with examples)
- Linux
- November 5, 2023
1: Brute-force a password with a length of 4 to 8 characters, and contains only alphanumeric characters (order matters)
Code:
fcrackzip --brute-force --length 4-8 --charset aA1 archive
Motivation: The motivation for using this example is to brute-force a password for a ZIP archive with a certain length and character set. This is useful when you have forgotten the password for a protected ZIP file and want to attempt all possible combinations of alphanumeric characters in the specified length range.
Explanation:
--brute-force
enables the brute-force mode, which tries all possible combinations.--length 4-8
specifies the range of password lengths to try, from 4 to 8 characters.--charset aA1
defines the character set to be used.aA1
means lowercase letters (a-z), uppercase letters (A-Z), and digits (0-9).archive
is the path to the ZIP archive file.
Example Output:
PASSWORD FOUND!!!!: pw1234
2: Brute-force a password in verbose mode with a length of 3 characters that only contains lowercase characters, $
and %
Code:
fcrackzip -v --brute-force --length 3 --charset a:$% archive
Motivation: The motivation for using this example is to brute-force a password for a ZIP archive with a specific length and character set, providing additional verbosity for the cracking process. This is useful when you want to monitor the progress of the cracking process and see the attempted passwords in detail.
Explanation:
-v
enables the verbose mode, which provides detailed output during the cracking process.--brute-force
enables the brute-force mode.--length 3
specifies the length of the password to be cracked as 3 characters.--charset a:$%
defines the character set to be used. It includes lowercase letters (a-z), the characters$
and%
.archive
is the path to the ZIP archive file.
Example Output:
Trying pw%...
Trying pw$
Trying pwz...
PASSWORD FOUND!!!!: pwz
3: Brute-force a password that contains only lowercase and special characters
Code:
fcrackzip --brute-force --length 4 --charset a! archive
Motivation: The motivation for using this example is to brute-force a password for a ZIP archive that only contains lowercase letters and specific special characters. This is useful when you have an idea about the composition of the password, such as knowing that it consists of lowercase letters and one specific special character.
Explanation:
--brute-force
enables the brute-force mode.--length 4
specifies the length of the password to be cracked as 4 characters.--charset a!
defines the character set to be used. It includes lowercase letters (a-z) and the exclamation mark (!
).archive
is the path to the ZIP archive file.
Example Output:
PASSWORD FOUND!!!!: pass!
4: Brute-force a password containing only digits, starting from the password 12345
Code:
fcrackzip --brute-force --length 5 --charset 1 --init-password 12345 archive
Motivation: The motivation for using this example is to continue a brute-force attack for a password-protected ZIP archive starting from a specific password. This is useful when you already have some information about the password and want to narrow down the search space.
Explanation:
--brute-force
enables the brute-force mode.--length 5
specifies the length of the password to be cracked as 5 characters.--charset 1
defines the character set to be used, consisting only of numeric digits (0-9).--init-password 12345
sets the initial password for the brute-force attack to12345
.archive
is the path to the ZIP archive file.
Example Output:
PASSWORD FOUND!!!!: 12346
5: Crack a password using a wordlist
Code:
fcrackzip --use-unzip --dictionary --init-password wordlist archive
Motivation: The motivation for using this example is to crack a password-protected ZIP archive using a pre-defined wordlist. This is useful when you have a wordlist containing commonly used passwords or passwords related to the targeted archive, thereby increasing the chances of successful password cracking.
Explanation:
--use-unzip
instructs fcrackzip to use theunzip
utility for faster dictionary attacks.--dictionary
specifies that a dictionary attack will be performed, using words from a wordlist file as potential passwords.--init-password wordlist
sets the initial password for the dictionary attack to a word from the wordlist file namedwordlist
.archive
is the path to the ZIP archive file.
Example Output:
PASSWORD FOUND!!!!: password
6: Benchmark cracking performance
Code:
fcrackzip --benchmark
Motivation: The motivation for using this example is to assess the performance of the password cracking process in terms of speed and efficiency. This is useful to determine the effectiveness of the cracking tool and compare it with other similar tools.
Explanation:
--benchmark
mode runs a benchmarking test to measure the performance of the cracking tool.- No additional arguments or parameters are required.
Example Output:
Average speed: 2703808.4 passwords/second
Conclusion
In conclusion, the fcrackzip command is a powerful tool for cracking passwords of ZIP archives. It provides various options such as brute-force attacks with customizable password length and character set, dictionary attacks using wordlists, and benchmarking for performance evaluation. By using these examples, you can effectively recover passwords from password-protected ZIP archives.