kali下fcrackzip和john破解zip密码

52lxw

视频使用教程：https://www.bilibili.com/video/av57617949/使用fcrackzip

[Bash shell] 纯文本查看 复制代码

root@kali:~# fcrackzip --help

fcrackzip version 1.0, a fast/free zip password cracker
written by Marc Lehmann <[url=mailto:pcg@goof.com]pcg@goof.com[/url]> You can find more info on
[url=http://www.goof.com/pcg/marc/]http://www.goof.com/pcg/marc/[/url]

USAGE: fcrackzip
          [-b|--brute-force]            use brute force algorithm
          [-D|--dictionary]             use a dictionary
          [-B|--benchmark]              execute a small benchmark
          [-c|--charset characterset]   use characters from charset
          [-h|--help]                   show this message
          [--version]                   show the version of this program
          [-V|--validate]               sanity-check the algortihm
          [-v|--verbose]                be more verbose
          [-p|--init-password string]   use string as initial password/file
          [-l|--length min-max]         check password with length min to max
          [-u|--use-unzip]              use unzip to weed out wrong passwords
          [-m|--method num]             use method number "num" (see below)
          [-2|--modulo r/m]             only calculcate 1/m of the password
          file...                    the zipfiles to crack

methods compiled in (* = default):

 0: cpmask
 1: zip1
*2: zip2, USE_MULT_TAB

这里我使用-D -u -p三个参数，字典用的kali自带的rockyou.txt：

[Bash shell] 纯文本查看 复制代码

root@kali:~# fcrackzip -D -u -p /usr/share/wordlists/rockyou.txt ./Downloads/backup 


PASSWORD FOUND!!!!: pw == thebackup

使用john破解，先生成hash文件：

[Bash shell] 纯文本查看 复制代码

root@kali:~/Downloads# zip2john backup > h.txt
ver 2.0 efh 5455 efh 7875 backup/dump.sql PKZIP Encr: 2b chk, TS_chk, cmplen=269921, decmplen=1868829, crc=920D504C

破解hash:

[Bash shell] 纯文本查看 复制代码

root@kali:~/Downloads# john h.txt
Using default input encoding: UTF-8
Loaded 1 password hash (PKZIP [32/64])
Will run 4 OpenMP threads
Proceeding with single, rules:Wordlist
Press 'q' or Ctrl-C to abort, almost any other key for status
Warning: Only 5 candidates buffered for the current salt, minimum 8
needed for performance.
Warning: Only 1 candidates buffered for the current salt, minimum 8
needed for performance.
thebackup        (backup/dump.sql)
1g 0:00:00:00 DONE 1/3 (2019-07-02 01:56) 33.33g/s 249000p/s 249000c/s 249000C/s ~sqldump..thedbackup
Use the "--show" option to display all of the cracked passwords reliably
Session completed

yongjie180370

谢谢分享

xiaoyxf

52lxw 发表于 2019-7-2 18:19
是zip的文件名。。。

我的怎么一定要输入zip 的？不然提示找不到文件，而且，加了zip后，命令运行完也没有任何反应的

暗夜天使

感谢分享。。。。。。

xiaoyxf

请教下，最后的backup是路径还是zip啊？
root@kali:~# fcrackzip -D -u -p /usr/share/wordlists/rockyou.txt ./Downloads/backup

52lxw

xiaoyxf 发表于 2019-7-2 17:15
请教下，最后的backup是路径还是zip啊？
root@kali:~# fcrackzip -D -u -p /usr/share/wordlists/rockyou. ...

是zip的文件名。。。

Smallant

很好，正好需要，感谢

52lxw

xiaoyxf 发表于 2019-7-3 09:41
我的怎么一定要输入zip 的？不然提示找不到文件，而且，加了zip后，命令运行完也没有任何反应的

你看一下有没有rockyou.txt文件，linux下不是通过后缀来区分文件的

xiaoyxf

52lxw 发表于 2019-7-3 10:17
你看一下有没有rockyou.txt文件，linux下不是通过后缀来区分文件的

明白了，rockyou.txt文件在的

duanjf889

强  学习了