Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
fcrackzip
Remember the lame file/folder password protection trick we discussed yesterday? As it seems,
someone pointed that out pretty well ;). We will get into the better protection schemes sometime
later, lets see how to break the mechanism we used previously.
So, lets start with the password breaking tool, fcrackzip. This tool specializes in breaking password
for zip files.
Similarly, if you want to brute-force for upper-case alphabets and numerals too then you may use
the "A" and "1" option. e.g.
[shredder12]$ fcrackzip -u -c Aa1 -p aaaaa secret.zip
Use "!" for including special characters !:$%&/()=?{[]}+*~#. If you want to specify only some of
the characters then mention them using ":". e.g. if you want to brute-force with lower-case alphabets
and #,! then mention them like this "-c a:#!".
Just try running it on a password longer than 6 character and you will know how much time a bruteforce attack can take (I am considering a regular, ~2 GHz pc, not a cloud/cluster). Depending upon
the charcter set it could easily take a few minutes. So, sometimes its better to try a dictionary attack
before going for brute-force. You can use the -D option to do so
[shredder12]$ fcrackzip -u -D dict_file secret.zip
As you can see this requires a dict_file, which is a simple text file with a single word in each line.