Cracking Password-Protected ZIP Files – The Smart Way
February 20, 2011
Posted by on
I’m struggling for some years now to crack a password protected ZIP files that I created 8 years ago. I have tried different brute force programs found on the net, but even though the CPUs are getting faster, it still would still have required probably a lot of years to crack it.
Today I found out that you can decrypt a password protected file if you happen to have an original file, or at least a part of it. These technique is called “Known plain-text attack”. So I realized that I had a file unencrypted and started investigating how I could crack my archive using this file.
Using free tools (like PkCrack) did not help. So I used Elcomsoft Advanced Archive Password Recovery. I managed to crack the archive in less than 1 minute!
But: I spent a lot of time figuring out how to prepare the input for Elcomsoft ARCHPR. I needed to compress the unencrypted file using the same compression level (and program I guess) which I used when I encrypted the files. After struggling with 7-zip and other archive managers, I had to download WinZip. These seemed to have done the trick!
Additionally, my files were inside folders in the archive. I prepared the archives to contain only the files, without the folders. It seems that WinZip can rearrange files in an archive, even if they are encrypted, 7-zip not.
And then the expected happened: using Elcomsoft ARCHPR I had decompressed and decrypted all files in the archive. They have been sitting there for 8 years and probably they would have remained there until the CPUs (or GPUs) would manage to brute-force my archive in a reasonable time.
Now I can enjoy my super-secret-highly-classified encrypted pictures again!