How to use John to crack zip file?



Hey guys, today we are going to take a look at cracking password-protected zip files using John the Ripper.

Requirements:- A Linux or Windows machine (Linux recommended)

I will be using the Kali Linux Docker container. If you want to use Docker, you can follow the article Docker Tutorial...


Table of contents:- 
  • What are password-protected zip files 
  • Preparation for cracking 
  • Cracking

1) What are password-protected zip files?

Sometimes you have to work with files that are password-protected, meaning you need the password to open them. You might have seen this kind of file.

As you can see in the above example, I am trying to extract (unzip) encrypted_file.zip, but it's asking me for the password. If you don't have the password, you can't extract the files inside it.


2) Preparations for Cracking

If you are using a Kali Linux virtual machine, you are good to go: all the required tools are already installed. If you are using Windows, you have to install the tools. If you are using a Kali Linux Docker container like me, follow the steps below to install the required tools in your container.

1) Updating the System 

This is a Linux command used to update the package list on your system. (We will take a deeper look in the Linux article later; for now, just remember to run this command so that you install the latest version of the tools.)

2) Downloading some essential tools

After updating the repositories, we have to install some tools in order to work with password-protected files and be able to brute-force them.

You have to install the wordlist and the john tool. The wordlist contains the passwords we are going to try against the password-protected file's hash.

3) Cracking 

I have a password-protected zip file that is very important for my work, but how can I extract it if I don't have the password for it?

The above is the password-protected zip file.

1) Getting the hash of the password-protected file 

In order to get the password of the zip file, we first have to obtain the hash of the password-protected file. To do that, follow the step below.

As you can see above, we have used a command named zip2john. It comes with the 'john' tool that we downloaded in the beginning.

The zip.hash file contains the password hash for encrypted_file.zip. You can see it using the cat command.

2) Cracking the hash of the password-protected file 

Now that we have the hash, we can proceed to crack it with the 'john' tool and the wordlist that we downloaded in the beginning.

But in order to use that wordlist file, we have to extract it. The wordlist is stored in /usr/share/wordlists/

cd /usr/share/wordlists/

Inside this directory, you will find a file named rockyou.txt.gz. RockYou is a list of the passwords most used by people; there are 14 million passwords in the RockYou file.

But in order to use that file, we first have to extract it. For that there is a tool named gzip, which comes pre-installed.

Above is the help section for the gzip command. For our purpose we will be using the switches below:

gzip -kd rockyou.txt.gz

Now, as you can see above, we also have a file rockyou.txt, which we can use in our hash cracking.


Now we are actually cracking the hash using the john tool. 

As you can see in the above example, the command contains the tool john, the wordlist rockyou, and the file where the password hash is stored, zip.hash:

john --wordlist=/usr/share/wordlists/rockyou.txt  zip.hash

In simple words, the above command is saying: 'john, take the wordlist rockyou.txt and crack the hash in the zip.hash file'.

As you can also see, we have got the password for our password-protected zip file. It was an easy password and it took a second to crack, but with a more complex password it can be a time-consuming process, or you might never get the password if it is not included in the rockyou.txt file.
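The point above also works in the defender's direction: before protecting an archive, check that the password you chose is not in the wordlist. The following is an added example, not part of the original post; the function names are hypothetical and the sample wordlist is constructed inline as a stand-in for rockyou.txt.gz. It reads the gzip-compressed list directly and compares raw bytes, because the real list contains entries that are not valid UTF-8.

```python
import gzip
import io

# Constructed stand-in for rockyou.txt.gz: one password per line, including
# one entry with a non-UTF-8 byte, as found in the real list.
SAMPLE_WORDLIST_GZ = gzip.compress(
    b"123456\npassword\niloveyou\ncaf\xe9\nprincess\n"
)


def wordlist_rank(candidate, wordlist_gz):
    """Return the 1-based line number of candidate in a gzip-compressed
    wordlist, or None if it is not listed.

    wordlist_gz is a path to a .gz file or a binary file object.
    Lines are compared as raw bytes and must match exactly (no substrings),
    so undecodable entries neither raise an error nor get skipped.
    """
    needle = candidate.encode("utf-8") if isinstance(candidate, str) else candidate
    with gzip.open(wordlist_gz, "rb") as fh:
        for lineno, line in enumerate(fh, start=1):
            if line.rstrip(b"\r\n") == needle:
                return lineno
    return None


def audit(candidates, wordlist_bytes):
    """Map each candidate password to its rank in the wordlist (None = not listed)."""
    return {c: wordlist_rank(c, io.BytesIO(wordlist_bytes)) for c in candidates}


if __name__ == "__main__":
    results = audit(["iloveyou", "T7#qv-Lm2!xRz9"], SAMPLE_WORDLIST_GZ)
    for password, rank in results.items():
        if rank is None:
            print(f"{password!r}: not in the wordlist")
        else:
            print(f"{password!r}: listed at line {rank}, a wordlist run will find it")
```

To check against the real list, pass the path /usr/share/wordlists/rockyou.txt.gz to wordlist_rank instead of the in-memory sample.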

3) Unzipping the file with the password we got 

Now it's the moment of truth: we are going to unzip the password-protected file using the password we got by cracking the hash.

As you can see, we have successfully extracted the file. (Note:- I have used -P "password" just for your understanding. It is not a best practice for extracting a password-protected file, as anyone who has access to the machine can see the password in the shell history.) Instead, use the switch

unzip -e encrypted_file.zip

This will give you a prompt to enter the password.


4) Seeing what's inside the important.txt 


 
Conclusion:- 

From the above example, we have learned to use the tool John the Ripper for cracking password-protected zip files.


Stay Tuned✌✌
