Latest News

How to use fcrackzip in kali linux

Intro –  fcrackzip is a fast password cracker partly written in assembler. It is able to crack password protected zip files with brute force or dictionary based attacks.


1. How to open
A. GUI Method
Application → Kali Linux → Password Attacks → Offline Attacks → fcrackzip 
                                                                                    (click on image for large view)

B. Open Terminal type fcrackzip –help this command will open fcrackzip with help options

2. Let’s make a zip file in windows 7 PC than we will copy paste it into Kali Linux afterthat we will try to break this password by fcrackzip. I created a zip file. This zip file’s password is 12345678.

3. Now we are going to break this password protected zip file. If you know your password has numeric (ex- 123..) and how many digits there in your password. Here we know our password is numeric (e.g. 123…) and its total 8 digits. If you have just small thought or knowledge about your password It will you to speed up your brute force attack against your zip file.
Syntax – fcrackzip –u –c <your password character type>  –p <total digits> zip file path
Ex – fcrackzip –u –c 1 –p aaaaaaaa ‘/root/Desktop/Test.zip’
Here,
The –u option, Try to decompress the first file by calling unzip with the guessed password. This weeds out false positives when not enough files have been given.
The –c option lets you select the character set, '1' here means password can be a numeric.
The -p option lets you select an initial string to start brute-force attack.
Note – as you can see I wrote ‘aaaaaaaa’, if you will count this is total 8 digits means I assumed that my password can be 8 digits but in this step if my assumption will be wrong, like my password have 8 digits and I will write there ‘aaaaaaa’ (only 7 digits) than fcrackzip will not crack your password.

4. If you know your password is numeric but you don’t know there are how many digits. You can assume a password digit range. Here I am thinking that my password can be minimum 4 digits to maximum 8 digits.
Syntax – fcrackzip –u –c <your password character type>  -l <password digits range> zip file path
Ex – fcrackzip –u –c 1 –l 4-8 ‘/root/Desktop/Test.zip’

5.  In this Example I created another Zip file with small (lower case) alphabet digits as password. Here password is ‘abcdefgh’.  If your password has small alphabets characters and length of password is 8 digits.
Syntax – fcrackzip –u –c <your password character type>  –p <total digits> zip file path
Ex – fcrackzip –u –c a –p aaaaaaaa ‘/root/Desktop/Test1.zip’
Here we are using ‘a’ after –c because our password has small (lower case) alphabet. If you have doubt that the password can be capital (upper case) alphabet than you have to write capital ‘A’. If you think that your password has both upper and lower case than you can write ‘Aa’. Just like this if you doubt your password has lower case (a), Upper case (A), numeric (1). You have to write there ‘Aa1’.


6.  Range of password digits

7. Here we are using brute force a zip file password which has upper case (A), lower case (a), numeric (1), and symbol (@). Use "!" for including special characters !:$%&/()=?{[]}+*~#. If you want to specify only some of the characters then mention them using " : ". In this image I want to specify only one (@) character so I used :@.

8. Now we are going to crack this zip password by using dictionary attack. Just for an example I am making a small dictionary manually so it will take less time to crack.

9. Now run the command for cracking this zip file password
Syntax – fcrackzip –u –D –p <dictionary file path> <zip file path>
Ex – fcrackzip –u –D –p ‘/root/Desktop/dic’ ‘/root/Desktop/Test.zip
                                                                                           (click on image for large view)


No comments:

Post a Comment

Contact Us

24x7 online , we happy to answer you
tamilcypc@gmail.com

Disclaimer

This Blog and its TUT's are intended for educational purposes only, no-one involved in the creation of this TuT may be held responsible for any illegal acts brought about by this Blog or TuT.



Featured Post

Custom Domains And HTTPS Redirection Code