How to Recover a ZIP Password in Linux
The ZIP file format is a popular and convenient tool for combing multiple files into a single compressed archive suitable for sharing with others or simply archiving old files for safekeeping. ZIP files can be encrypted with a password for privacy and security, but it means that the files inside the archive are inaccessible if the password is ever lost or forgotten. Fortunately, there are ways to recover the password and FCrackZip is a free open source password recovery tool for Linux that is fast and capable of performing both dictionary and brute-force attacks against password-protected ZIP files.
Other People Are Reading
Instructions
-
Cracking a ZIP Password
-
1
Install FCrackZip using your Linux distribution's package management system or from the command line using: "sudo apt-get install fcrackzip" (or the equivalent installation command for your Linux distribution).
If FCrackZip is not available in your repositories, it can be downloaded from the FCrackZip homepage and compiled on your computer following the instructions included in the file.
-
2
Get one or more word list files. A word list file is nothing more than a plain text file containing a list of words, usually one per line. Most Linux distributions have one or more dictionary files located in /usr/share/dict such as "american-english" or "british-english" that can be used. Larger, more comprehensive word list files designed specifically for password cracking are available on the Internet but are beyond the scope of this article.
-
-
3
Perform a dictionary attack against the ZIP file by running the following from the command line: "fcrackzip --dictionary -p <word list filename> -u -v <zip filename>" (no quotes).
This will cause FCrackZip to use the words in the word list as possible passwords to see if any match. The "-u" option will cause FCrackZip to try to unzip the file to weed out any false positives and "-v" will run in verbose mode so you can see what is happening.
If the ZIP file's password is in the provided word list, you should have the password in a matter of seconds, depending on the size of the word list and the speed of your computer.
-
4
Repeat Step 3 with other word list files until you either find the password or have exhausted your word lists.
-
5
Begin a brute-force attack against the ZIP file by typing: "fcrackzip --brute-force -u -v <zip filename>" (no quotes).
This will cause FCrackZip to try an infinite number of variations of numbers, letters and symbols until it eventually finds the correct password. Even though FCrackZip is fast, this remains a time-consuming process even to find ordinary dictionary words---which is why it is the last resort. Given enough time and patience, however, a brute-force attack will eventually find the correct password.
-
1
Tips & Warnings
If you have any clues about the composition of the password, you can save time by restricting the brute-force attack to passwords of a minimum and maximum length; or to upper or lowercase letters, numbers, symbols, specific characters or combinations of specific character types by using the "--charset" option. Type: "fcrackzip --help" to view the options available (no quotes).
