John The Ripper

Convert the archive into a hash format that John the Ripper recognizes, then crack that hash with John.

zip2john example.zip > hash.txt
john --wordlist=wordlist.txt hash.txt


Fcrackzip

# -u: use unzip to verify each candidate and weed out false positives
# -D: dictionary mode
# -p: string (or, with -D, file) to use as the initial password
fcrackzip -u -D -p passwords.txt sample.zip


Bkcrack

bkcrack is useful for cracking legacy zip encryption (ZipCrypto) with a known-plaintext attack.

Download the Tool

wget https://github.com/kimci86/bkcrack/releases/download/v1.5.0/bkcrack-1.5.0-Linux.tar.gz
tar -xf bkcrack-1.5.0-Linux.tar.gz
cd bkcrack-1.5.0-Linux

Recover Internal Keys

First, list the files contained in the target zip archive.

# List entries
./bkcrack -L encrypted.zip

Assume encrypted.zip contains a file named secret.key and we know that this file contains the string "secret is".
Then we need to create a plaintext file holding that same string "secret is".

echo -n "secret is" > plainfile

Now crack the keys using these files.

./bkcrack -C encrypted.zip -c secret.key -p plainfile

For example, suppose the recovered keys are 8257499e 175bb63c fcbd5ff2.
Using these keys we can decipher secret.key by running the following command.

./bkcrack -C encrypted.zip -c secret.key -p plainfile -k 8257499e 175bb63c fcbd5ff2 -d result.txt

After that, result.txt is written with the deciphered content of secret.key.
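Because the known-plaintext attack above only applies to legacy ZipCrypto, an archive owner auditing backups wants to know which scheme each entry actually uses. The Python script below is an added example (not part of this cheat sheet or of bkcrack); it reads the ZIP central directory (general-purpose flag bit 0, compression method 99 and extra-field id 0x9901 for WinZip AES) and, since Python's zipfile cannot write encrypted entries, builds its own constructed sample archives by patching the header fields.

```python
import io
import struct
import zipfile

# Labels for the three states an archive entry can be in.
NONE, ZIPCRYPTO, AES = "none", "zipcrypto", "aes"
AES_METHOD = 99          # WinZip AES marks the entry with compression method 99
AES_EXTRA_ID = 0x9901    # ...and with an extra field carrying this header id


def has_aes_extra(extra):
    """Walk the extra-field TLV list and report whether the AES header id is present."""
    pos = 0
    while pos + 4 <= len(extra):
        header_id, size = struct.unpack_from("<HH", extra, pos)
        if header_id == AES_EXTRA_ID:
            return True
        pos += 4 + size
    return False


def classify_entries(zip_bytes):
    """Map each entry name to the encryption scheme recorded in the central directory."""
    result = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if not info.flag_bits & 0x1:            # general-purpose bit 0 = encrypted
                result[info.filename] = NONE
            elif info.compress_type == AES_METHOD or has_aes_extra(info.extra):
                result[info.filename] = AES
            else:                                   # encrypted but not AES: legacy ZipCrypto
                result[info.filename] = ZIPCRYPTO
    return result


def build_sample(flag_bits, method):
    """Constructed sample archive: write a plain entry, then patch the flag and
    method fields in both the local and the central header to mimic encryption."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("secret.key", b"secret is not very secret")   # constructed content
    data = bytearray(buf.getvalue())
    local = data.find(b"PK\x03\x04")                 # local header: flags @+6, method @+8
    struct.pack_into("<HH", data, local + 6, flag_bits, method)
    central = data.find(b"PK\x01\x02")               # central header: flags @+8, method @+10
    struct.pack_into("<HH", data, central + 8, flag_bits, method)
    return bytes(data)


if __name__ == "__main__":
    for flags, method in ((0, 0), (1, 8), (1, AES_METHOD)):
        print(classify_entries(build_sample(flags, method)))
```

Entries reported as "zipcrypto" are the ones to re-encrypt with AES (or move to a proper encrypted container); "none" entries are stored in the clear.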