Encrypted Zips Are Easy to Crack Open

Hey guys, today we are going to take a look at cracking password-protected zip files using John the Ripper.

Cracking Password Protected zip files using john the ripper

Table of contents:-

  • What are password-protected zip files
  • Preparation for cracking
  • Cracking

1) What are password-protected zip files?

Sometimes you have to work with files that are password-protected: files that need a password before they can be opened. You might have seen this kind of file.


As you can see in the above example, I am trying to extract (unzip) encrypted_file.zip, but it asks me for the password. If you don't have the password, you can't extract the files inside it.


2) Preparations for Cracking

If you are using a Kali Linux virtual machine, you are good to go: all the required tools are already installed. If you are using Windows, you have to install the tools. If you are using a Kali Linux Docker container like me, you have to follow some steps along with me to install the proper tools in your container.

1) Updating the System

This is a Linux command used to update the package list on your system. (We will take a deeper look in the Linux article later; for now, just remember to run this command so that you install the latest version of the tool.)

2) Downloading some essential tools

After updating the repositories, we have to install some tools to work with password-protected files, so that we can crack and brute-force them.

You have to install the wordlist and the john tool. The wordlist contains the passwords we are going to try against the password-protected file's hash.

3) Cracking

I have a password-protected zip file that is very important for my work, but how can I extract it if I don't have the password for it?


Getting the hash of the password-protected file

To get the password of the zip file, we first have to obtain the hash of the password-protected file. To do that, follow the step below:


As you can see above, we have used a command named zip2john. It comes with 'john', the tool that we downloaded in the beginning.


The zip.hash file contains the password hash for encrypted_file.zip. You can view it using the cat command.

Cracking the hash of the password-protected file

But in order to use the wordlist file, we have to extract it. The wordlist is stored in /usr/share/wordlists/

cd /usr/share/wordlists/

Inside this directory, you will find a file named rockyou.txt.gz. RockYou is a list of the passwords most used by people; there are 14 million passwords in the RockYou file.


gzip -kd rockyou.txt.gz

Now as you can see above, we also have a file rockyou.txt which we can use in our hash-cracking.

Now we are actually cracking the hash using the john tool.


As you can see in the above example, the command contains the tool (john), the wordlist (RockYou), and the file where the password hash is stored (zip.hash).

john --wordlist=/usr/share/wordlists/rockyou.txt zip.hash

In simple words, the above command is saying "john, take the wordlist rockyou.txt and crack the hash in the zip.hash file using the RockYou file".

As you can also see, we have got the password for our password-protected zip file. It was an easy password, so it took a second to crack it. If the file has a more complex password, cracking can be a time-consuming process, or you might never get the password if it is not included in the rockyou.txt file.
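Because the run above only succeeds when the password is a line in the wordlist, the same list can be used defensively to vet a password before protecting an archive with it. The following is an added example, not part of the original post; the function name in_wordlist and its return codes are assumptions of this example, and it reads the candidate from standard input rather than a command-line argument so that it does not end up in the shell history.

```shell
# in_wordlist WORDLIST
#   Reads one candidate password from stdin and reports whether it is an
#   exact line of WORDLIST (plain text or .gz), i.e. whether the dictionary
#   run shown above would recover it.
#   Returns 0 = listed (do not use), 1 = not listed, 2 = bad input.
#   Function name and return codes are choices of this example.
in_wordlist() {
    wordlist=$1
    [ -r "$wordlist" ] || return 2

    # Take the candidate from stdin, not argv, so it stays out of shell
    # history and the process list; hide typing on a terminal.
    if [ -t 0 ]; then
        printf 'Password to check: ' >&2
        stty -echo
        IFS= read -r candidate || :
        stty echo
        printf '\n' >&2
    else
        IFS= read -r candidate || :
    fi
    [ -n "$candidate" ] || return 2

    # Line 1 of awk's input is the candidate, the rest is the wordlist.
    # printf is a shell builtin, so no child process carries the password.
    {
        printf '%s\n' "$candidate"
        case $wordlist in
            *.gz) gzip -dc -- "$wordlist" ;;
            *)    cat -- "$wordlist" ;;
        esac
    } | LC_ALL=C awk '
        NR == 1 { want = $0 ""; next }   # "" forces string, not numeric, compare
        $0 == want { found = 1; exit }
        END { exit !found }'
}
```

Run it as in_wordlist /usr/share/wordlists/rockyou.txt and type the password at the prompt; a return code of 0 means the password is in the list and should not be used.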


Unzipping the file with the password we got

Now it's the moment of truth, we are going to unzip the password-protected file using the password we have got by cracking the hash.


As you can see, we have successfully extracted the file. (Note: I have used -P "password" just for your understanding. It is not a best practice for extracting a password-protected file, as anyone who has access to the machine can see the history.) Instead, use the switch

unzip -e encrypted_file.zip

This will give you a prompt to enter a password.


4) Seeing what's inside the important.txt


Conclusion:-

From the above example, we have learned to use the tool john-the-ripper for cracking password-protected zip files.


Source: https://systemweakness.com/cracking-password-protected-zip-files-using-john-the-ripper-c3b55c27e0fe?source=read_next_recirc---------2---------------------a19993a5_c987_469e_b0bd_f6de762a58e1-------
