kali下fcrackzip和john破解zip密码

52lxw

视频使用教程：https://www.bilibili.com/video/av57617949/使用fcrackzip

[Bash shell] 纯文本查看 复制代码

?

01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27

root@kali:~# fcrackzip --help   fcrackzip version 1.0, a fast/free zip password cracker written by Marc Lehmann <[url=mailto:pcg@goof.com]pcg@goof.com[/url]> You can find more info on [url=http://www.goof.com/pcg/marc/]http://www.goof.com/pcg/marc/[/url]   USAGE: fcrackzip           [-b|--brute-force]            use brute force algorithm           [-D|--dictionary]             use a dictionary           [-B|--benchmark]              execute a small benchmark           [-c|--charset characterset]   use characters from charset           [-h|--help]                   show this message           [--version]                   show the version of this program           [-V|--validate]               sanity-check the algortihm           [-v|--verbose]                be more verbose           [-p|--init-password string]   use string as initial password/file           [-l|--length min-max]         check password with length min to max           [-u|--use-unzip]              use unzip to weed out wrong passwords           [-m|--method num]             use method number "num" (see below)           [-2|--modulo r/m]             only calculcate 1/m of the password           file...                    the zipfiles to crack   methods compiled in (* = default):    0: cpmask  1: zip1 *2: zip2, USE_MULT_TAB

这里我使用-D -u -p三个参数，字典用的kali自带的rockyou.txt：

[Bash shell] 纯文本查看 复制代码

?

1 2 3 4

root@kali:~# fcrackzip -D -u -p /usr/share/wordlists/rockyou.txt ./Downloads/backup     PASSWORD FOUND!!!!: pw == thebackup

使用john破解，先生成hash文件：

[Bash shell] 纯文本查看 复制代码

?

1 2	root@kali:~/Downloads# zip2john backup > h.txt ver 2.0 efh 5455 efh 7875 backup/dump.sql PKZIP Encr: 2b chk, TS_chk, cmplen=269921, decmplen=1868829, crc=920D504C

破解hash:

[Bash shell] 纯文本查看 复制代码

?

01 02 03 04 05 06 07 08 09 10 11 12 13 14

root@kali:~/Downloads# john h.txt Using default input encoding: UTF-8 Loaded 1 password hash (PKZIP [32/64]) Will run 4 OpenMP threads Proceeding with single, rules:Wordlist Press 'q' or Ctrl-C to abort, almost any other key for status Warning: Only 5 candidates buffered for the current salt, minimum 8 needed for performance. Warning: Only 1 candidates buffered for the current salt, minimum 8 needed for performance. thebackup        (backup/dump.sql) 1g 0:00:00:00 DONE 1/3 (2019-07-02 01:56) 33.33g/s 249000p/s 249000c/s 249000C/s ~sqldump..thedbackup Use the "--show" option to display all of the cracked passwords reliably Session completed

yongjie180370

谢谢分享

xiaoyxf

52lxw 发表于 2019-7-2 18:19
是zip的文件名。。。

我的怎么一定要输入zip 的？不然提示找不到文件，而且，加了zip后，命令运行完也没有任何反应的

暗夜天使

感谢分享。。。。。。

xiaoyxf

请教下，最后的backup是路径还是zip啊？
root@kali:~# fcrackzip -D -u -p /usr/share/wordlists/rockyou.txt ./Downloads/backup

52lxw

xiaoyxf 发表于 2019-7-2 17:15
请教下，最后的backup是路径还是zip啊？
root@kali:~# fcrackzip -D -u -p /usr/share/wordlists/rockyou. ...

是zip的文件名。。。

Smallant

很好，正好需要，感谢

52lxw

xiaoyxf 发表于 2019-7-3 09:41
我的怎么一定要输入zip 的？不然提示找不到文件，而且，加了zip后，命令运行完也没有任何反应的

你看一下有没有rockyou.txt文件，linux下不是通过后缀来区分文件的

xiaoyxf

52lxw 发表于 2019-7-3 10:17
你看一下有没有rockyou.txt文件，linux下不是通过后缀来区分文件的

明白了，rockyou.txt文件在的

duanjf889

强  学习了