Hello Guys, in this post we look at a simple Zip Password cracker shell script which Brute-Force a password protected zip file in order to get the password.
Code
Simple Zip Password Cracker
Download Code from Here :
Now here is the Demonstration Video :
Code
Simple Zip Password Cracker
#!/usr/bin/bash env
#
# +=======================================================+
# || A Simple ZIP Password Cracker ||
# || Developed By : http:\\www.sec-articles.blogspot.com ||
# +=======================================================+
#
declare -r TRUE=0
declare -r FALSE=1
flag=$FALSE
counter=0
# Declaring char_sets
chars_1=`echo {a..z}`
chars_2=`echo {A..Z}`
chars_3=`echo {0..9}`
chars_4="~ ! @ \$ % ^ - _ = + { } [ ] : , . / ?"
# cracking function
function cracker()
{
pass=$1
echo "trying Password $pass"
counter=$(($counter + 1))
unzip -P $pass -o $file_name
[ $? -eq 0 ] && clear && Banner && echo "Password Found : $pass" && echo "Password tried : $counter"&& return $TRUE || return $FALSE
}
# word_List generator
function word_gen()
{
args=$1
[ ${#args} -ge $length ] && cracker $1 && echo "Password Cracked" && flag=$TRUE && exit
if [ ${#args} -lt $length ]; then
for c in $chars; do
word_gen $1$c
done
fi
}
function is_num()
{
[ "$1" -eq "$1" ] > /dev/null 2>&1
return $?
}
function Show_message()
{
echo "+===============================================+"
echo "| A Simple ZIP Password Cracker |"
echo "| Developed By : http:\\\\www.sec-articles.net |"
echo "+===============================================+"
echo " ./s_zipcrack [Mode b/d] {[Lenght_of_Passowrd] [Type_Password] [location]} {[location]}"
echo""
echo " For brute_force Mode :- "
echo " ./s_zipcrack -b [Lenght_of_Passowrd] [Type_Password] [zip_file_location]"
echo " Length_of_Password - integer value"
echo " Type_of_Password - \"A\" Upper_case A-Z"
echo " - \"a\" Lower_case a-z"
echo " - \"n\" numeric 0-9"
echo " - \"c\" Special_chars !.?"
echo " zip_file_Location - Full Path of Zip File"
echo " Example : ./s_zipcrack -b 4 n /home/user/Desktop/secure.zip"
echo ""
echo " For Dictonary Mode : - "
echo " ./s_zipcrack -d [Password_dictonary_file] [zip_file_Location]"
echo " Password_dictonary_file - Full Path of Password dictonary file "
echo " zip_file_Location - Full Path of Zip file"
}
function Banner()
{
echo "+===============================================+"
echo "| A Simple ZIP Password Cracker |"
echo "| Developed By : http:\\\\www.sec-articles.net |"
echo "+===============================================+"
echo ""
}
function brute_force()
{
# Handling Arguments
if [ "$1" = "" ]
then
Show_message
exit
fi
if is_num $1
then
length=$1
else
length=2
fi
for args in "$@"; do
case $args in
a) chars="$chars $chars_1" ;;
A) chars="$chars $chars_2" ;;
n) chars="$chars $chars_3" ;;
c) chars="$chars $chars_4" ;;
esac;
done
if [ "$chars" = "" ]
then
chars="$chars_1"
fi
for arg in "$@"; do
if [ -a $arg ]
then
file_name=$arg
break
fi
done
if [ "$file_name" = "" ]
then
Banner
echo "Could not find \"$3\""
echo "please check the file location & try Again."
exit
fi
#calling word_gen function
for w in $chars; do
word_gen $w
done
}
function dictonary()
{
if [ "$1" = "" ]
then
Banner
echo "please give the password_list."
exit 1
elif [ "$2" = "" ]
then
Banner
echo "please give the zip file location."
exit 1
fi
if [ -a $1 ]
then
pass_list=$1
else
Banner
echo "could not find \"$1\""
echo "please check the file location & try Again."
exit 1
fi
if [ -a $2 ]
then
file_name=$2
else
Banner
echo "could not find \"$2\""
echo "please check the file location & try Again."
exit 1
fi
# reading passwords & calling to cracker function
length=`cat $pass_list | wc -l`
for ((i=0;i<=$length;i++))
do
passwd=`sed -n "$i"p $pass_list`
cracker $passwd && echo "Password Cracked" && flag=$TRUE && exit
done
}
# Main
if [ "$1" = "b" ]
then
brute_force $2 $3 $4
elif [ "$1" = "d" ]
then
dictonary $2 $3
elif [ "$1" = "" ]
then
Show_message
exit
else
Banner
echo "Error in Arguments..!?"
echo "please choose the correct mode. b/d [brute_force/dictonary_attack]"
exit
fi
if [ $flag -eq $FALSE ]
then
clear
Banner
echo "Could not Found Password ?? "
echo "Password tried : $counter"
echo "please Try Again with other Keywords."
fi
Download Code from Here :
How To Use It
First download the script from above given link then open a terminal and change its permission into executable, i run this script in Ubuntu.
chmod +x zp_crack.sh
then run the script
The first argument is mode which decides BruteForce method & there is two modes
1. b :
BruteForce with any combination of characters for example aaaa, aaab, aaac..... zzzz, 1111, 1112, 1113, ...... 9999 etc. With this mode program will takes three additional arguments
Length of password : It specify the length of word & takes an integer value as input.
Type of password : It specify which type of character set you want to use for example use "a" for lowercase alphabet characters, "A" for uppercase alphabet characters, "n" for numeric characters, "s" for special characters.
Zip file location : Give the full path of zip file.
Now to test this program we need to create a password protected zip file. first create a text file
type this command oin your terminal
echo This is secret Document > secret.txt
Then zip it using zip utility
zip -P abcd secure.zip secret.txt
above command will create a zip file "secure.zip" with password "abcd". Now the password abcd consists four lowercase characters, so now we try to crack this password with our tool
Syntax is :
./zp_crack.sh b 4 a /home/ajay/Desktop/secure.zip
then hit enter
Bingo!!... password cracked.
2. d :
Bruteforce with a list of words and try every word in that list to crack password. Its also known as "Dictionary Attack", with this mode program takes two additional arguments
Password Dictionary Files : give the full path of password list or dictionary file.
Zip File Location : give the full path of zip file.
To demonstrate this i use a small list of words
now the syntax will be :
./zp_crack.sh d /home/ajay/Desktop/pass_list.txt /home/ajay/Desktop/secure.zip
Again password is cracked.
Remember this is very basic BruteForce tool and it may not work on complex and lengthy passwords.
So, that's it. thanks for reading this post & if you like it then please comment and share this post.
Now here is the Demonstration Video :
Thank_you..!! <(*_*)>