CodingPleasure

cultivate passion for everything else that goes on around programming

Cracking Password-Protected ZIP Files – The Smart Way

I’m struggling for some years now to crack a password protected ZIP files that I created 8 years ago. I have tried different brute force programs found on the net, but even though the CPUs are getting faster, it still would still have required probably a lot of years to crack it.

Today I found out that you can decrypt a password protected file if you happen to have an original file, or at least a part of it. These technique is called “Known plain-text attack”. So I realized that I had a file unencrypted and started investigating how I could crack my archive using this file.

Using free tools (like PkCrack) did not help. So I used Elcomsoft Advanced Archive Password Recovery. I managed to crack the archive in less than 1 minute!

But: I spent a lot of time figuring out how to prepare the input for Elcomsoft ARCHPR. I needed to compress the unencrypted file using the same compression level (and program I guess) which I used when I encrypted the files. After struggling with 7-zip and other archive managers, I had to download WinZip. These seemed to have done the trick!

Additionally, my files were inside folders in the archive. I prepared the archives to contain only the files, without the folders. It seems that WinZip can rearrange files in an archive, even if they are encrypted, 7-zip not.

And then the expected happened: using Elcomsoft ARCHPR I had decompressed and decrypted all files in the archive. They have been sitting there for 8 years and probably they would have remained there until the CPUs (or GPUs) would manage to brute-force my archive in a reasonable time.

Now I can enjoy my super-secret-highly-classified encrypted pictures again!

About these ads

2 responses to “Cracking Password-Protected ZIP Files – The Smart Way

  1. Pingback: Failed Apps « Cantemir's space

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: