Cracking Zip Password using Python3
Get a thorough knowledge of python's zipfile module and build your own Zip file password cracking tool in less than 3 minutes
Hello, world! We often get Zip files that are encrypted and it's unable to retrieve the files from it. In this post, I will share the knowledge while discussing a lab Protected Zip File Cracking from AttackDefense. I will guide you on how to crack the password pre-shipped zipfile module in the python language.
We are provided with a zip archive named secret.zip which is of course, password protected. The password is generated using the following password policy:
- Password is 6 characters long
- Password only contains characters from character set {a, b, c, d, e, 1, 2, 3, 4, 5}
Let's try to open the zip and list the files. You can list the file names but actually, its content are encrypted not the entries in the archive
As you can see there is one entry LabAccessCodes-TopSecret.txt
file. This was added 4 years ago and has some text when you check its size.
Also when you will try to open the file via the following code, it will throw a RuntimeError
with a message telling you that password is required for extracting this file.
As we have seen the password policy. Let's create a wordlist containing all the possible combinations including repeated characters. Since the combinations
function lacks this functionality, we will use the product
function from the itertools module.
If you look closely, you have total of 6 characters of the password and 10 possible characters at each location. So the total number of possible passwords for this zip file would be \( 10 ^ 6 \) or \(1,000,000\) passwords 😳.
Since there are a lot of passwords, we will read the file line by line and try to check whether the zip file entry LabAccessCodes-TopSecret.txt is extractable by the password from the current line in the wordlist file or not. So the following is the simple code for that.
So basically in the above code, when the file is successfully extracted by the password in the TARGETDIR
, it will print the "Password found .." message and the directory where you can find this file. How all this happen, is abstracted by this python module and is out of scope for this post.
Once you get the correct password, you can see the following output and you can read the file contents from the extracted directory.