+6 votes
6 views
in Security by (26.3k points)
recategorized by
How to find the password of a ZIP file

1 Answer

+17 votes
by (26.3k points)
 
Best answer

Are you trying to open a ZIP archive , but have noticed that you are asked for a password and you have no idea what it might be? If this is indeed the case, then you have landed on the right guide at the right time, because in a moment I will show you how to find the password of a ZIP file .

In this tutorial, I will tell you about various solutions that you can adopt. First, I'll show you how you can use a Linux distro to crack the password of a ZIP file - this is highly effective, but quite complex. In any case, I will then tell you about solutions even for the less experienced, such as some online tools that allow you to find, however, only fairly simple passwords for ZIP files. If you are ready, take all the time you need now, roll up your sleeves and follow the steps that I will show you in this guide. I really hope that the information that I will show you will be able to give you a few moments of joy and satisfaction.

ATTENTION: I want to clarify that the methods I will tell you about are for informational purposes only or at the most to recover lost passwords for your ZIP files. I will not be held responsible in any way for any illegal use. All clear? Well, then I just have to wish you a good read and good luck!

Index

  • Find ZIP file password for free
    • John The Ripper
    • More solutions to find ZIP file password
  • Find ZIP file password online for free
    • LostMyPass
    • More solutions to find ZIP file password online

Find ZIP file password for free

In this first part I will show you how to find ZIP file passwords for free in a highly effective, free but somewhat complex way: this procedure involves the use of a Linux distro focused on computer security, Kali Linux ( which I also told you about passed in reference to the password test of Wi-Fi networks), and more particularly of a tool integrated in the latter, called John The Ripper (which is also available for other distros but must be installed separately); after that I will also propose you some slightly simpler solutions available for Windows, but not 100% free. Read on to know everything in detail.

John The Ripper

kalidesktop

Let's start by talking about John The Ripper , a powerful tool that allows you to find the password of a ZIP file. To use it, as I mentioned just now, I recommend using Kali Linux , a well-known Linux distro dedicated to computer security, in which it is already integrated.

Please note: if you are not too accustomed to the Linux world, it would be better to follow the instructions exactly as I will explain them to you shortly, with the names of the files and folders the same as those I will show you and, possibly, putting the Italian language.

That said, to use Kali Linux, you could use a virtual machine via VirtualBox (not compatible with Macs with Apple Silicon chips) or you could start it via a bootable USB stick . If you don't know how to do it, I've just left you my guides that talk about these two topics.

Now that you are on the Kali Linux desktop, create a new folder by right clicking on an empty spot on the desktop and selecting the Create folder… item from the context menu. Then name the folder whatever you like: I chose folder1 .

In this new folder, put the ZIP file whose password you are looking for. If you're wondering how you can port the ZIP file to Kali Linux, I recommend that you simply share the file to a cloud storage service and access the cloud from your Linux system, but you can also use the virtual sharing feature. machine (if you used this system) or an external drive, such as a USB stick .

kalilinux

Now, open the folder you just created, click on an empty spot in the folder with the right mouse button and select the Open a Terminal here item from the menu. The Terminal will appear before your eyes and here you will have to start typing some command lines. The first you'll need to enter is zip2john nomefile.zip > hash.txt, then you'll need to hit the Enter key on your keyboard. Obviously instead of filename.zip you will have to enter the actual name of the file whose password you are trying to find out.

Now, if everything has been done correctly, in the folder in question you should find a new file called hash.txt . This file, among other information, also contains the encrypted password of the ZIP file.

john

The next step is therefore to "attach" the hash.txt file through another Terminal command which is john hash.txt, always remember to press the Enter key . If the password is simple enough, in a few seconds you should already see written filename.zip plus the contents of that archive on the right and correspondingly on the left, you should see the password in clear text . If the password is more complex, you may have to leave the computer to work for several minutes, even hours (obviously everything depends on the power of the hardware at your disposal), before it can find the correct password.

Believe it or not, the procedure is already finished! It wasn't that difficult, was it? In my case, as you can see from the screenshot above, the password of the ZIP file is 12345678 and it is the one written in orange on the left, in the next line where it says Proceeding with wordlist:/usr/share/john/password.lst .

In any case, if something went wrong while trying to follow my advice, continue reading below, because I will show you another method that you can always follow using John The Ripper.

rockyou

This other method that I'm about to show you is valid if you think that the password of that ZIP file is one of the most common. In this regard, you could use the rockyou.txt list always using John The Ripper via Kali Linux. Rockyou.txt is a file that contains more than 14 million commonly used passwords, and with a little luck, it might come in handy for you to find the ZIP file password in less time.

Again you will need to use a couple of Terminal commands. Then open Terminal (from anywhere), type command sudo gzip -d /usr/share/wordlists/rockyou.txt.gz, hit Enter and you will now be prompted to enter your admin password, go ahead and hit Enter again . This first command is used to extract the rockyou.txt file from the rockyou.txt.gz archive.

rockyoutxt

At this point, go back to the folder where the ZIP file in question is and open Terminal from that folder. If you haven't already, create the hash file via zip2john nomefile.zip > hash.txtand press Enter . Now, to avail the rockyou list, type the following command john –format=zip /usr/share/wordlists/rockyou.txt /home/(nome utente del tuo pc)/Scrivania/(nome della cartella in cui si trova il file hash)/hash.txtand hit Enter .

The first part of the command you just wrote refers to the path to the rockyou.txt file and this path is valid for any user, so you can write it as I wrote it. The second part , which starts from /home, is instead the path to the hash.txt file, so pay attention to correctly type your PC username and the name of the folder where the hash file is located.

The game is done! What you have just seen is how John The Ripper works. It may not be a very simple tool to use, but it certainly leads to good results if used correctly. I really hope that what you have just read has been useful to you, but if not, continue reading this guide of mine for other suggestions.

More solutions to find ZIP file password

Hashsuite1

If the solution I told you about a moment ago seems too complicated to you, you could evaluate the other solutions to find ZIP file passwords that I am about to offer you. One in particular is Hash Suite , a program for Windows that can be downloaded from this page .

This software allows you to find ZIP file passwords without entering any command line. However, its operation is connected to John The Ripper and is always based, in fact, on the analysis of a hash file. It's free in a basic version that allows you to recover only passwords consisting of a few characters.

It may happen that while downloading the program, Windows detects it as a threat and prevents you from completing the download. In this case, you might consider temporarily disabling Windows Defender or the antivirus that is blocking the operation (remembering to re-enable it once you've finished using the program to find the ZIP file password).

Once downloaded and opened, Hash Suite allows you to extract the hash file from the ZIP archive, and then start analyzing it directly from the program. Also in this case, for simple passwords the operation could be quite fast, for more complex ones, however, it could take several minutes or even hours, it also depends on the performance of the PC in use.

Browsing the Web, you will surely find many other software that promise to find the passwords of ZIP files in a very easy and free way, but I advise you to be very careful before downloading one of these programs . This is because, in addition to working little or not at all, very often they are the perfect vehicles for malware .

Find ZIP file password online for free

Are you looking for a way to find ZIP file password online for free without downloading any program and without doing complicated operations? Then you will certainly find this section useful. It is fair to point out, however, that free sites often only allow you to crack fairly simple passwords and ask you to pay a certain amount of money for more complex passwords.

In this regard, I want to warn you about the various sites to find passwords that you could find on the Web, as some could be real scams aimed at stealing some money from users; others could also keep the data uploaded to their servers and not delete them as required by privacy regulations. My advice is to always make sure of the reliability of the site through a Google search or through sites that allow you to read the reviews of other users (like the ones I have recommended here ). With all that said, let's proceed.

LostMyPass

lostmypass

A good site that allows you to find ZIP file passwords online for free is LostMyPass . Its operation is really simple but, as you may have already guessed, it will allow you to find only easy passwords for free . To find more complex passwords, you will instead be asked to pay a certain amount.

To use the site, go to this page and then click on I'm not a robot . Now choose the ZIP file you want to find the password for, dragging it into the box in the center or selecting it "manually" using the appropriate button.

If, as I told you, the ZIP file password is very simple, then after a few seconds you will find a message where you will be notified of the found password. If, on the other hand, the site cannot detect the password, then you will be given the opportunity to use the paid service.

As far as prices are concerned, there is talk of a one-off 29 euros only in case of success and, according to what the site has declared, this method would be 61% effective. It is also possible to make a request for BRUTE FORCE WITH A SPECIFIC MASK with a 100% probability of success with a price to be established based on the work to be done. That said, I advise you to think carefully before giving money to a site of this type.

More solutions to find ZIP file password online

aws

There are of course other solutions to find ZIP file password online as well and one of them is Openwall Password Recovery and Password Security Auditing Bundle . It is a service available for AWS (Amazon Web Services) users which essentially uses John The Ripper, but on the cloud.

To use it, you can go to this page and you will immediately find all the features and rates to be able to use the service which, in practice, is a virtual server with John The Ripper inside, which you "rent" and pay in based on how much it is used. Fees, however, vary quite significantly from country to country and will be billed to your monthly Amazon Web Services account.

The package also includes instructions on how to use John The Ripper with the related commands, such as johnand zip2johnthat we saw earlier in this same tutorial. Use it only if you have specific advanced needs.

Ask a Question
Welcome to WikiTechSolutions where you can ask questions and receive answers from other members of the community.

You can ask a question without registration.

Categories

...