I've been trying to crack some encrypted zip files for a while now with absolutely no luck. I've tried using PRTK and pkcrack. I've tried using a plaint-text attack with the pkcrack utility but i get the response after it runs that a password wasn't found and i probably choose the wrong plaintext, however my encrypted and unencrypted files have the same CRC so i don't see why it's not working. Does anyone have any experience with this that would be willing to help me out?
Thanks in advance.
Greetings,
Are you using these tools on a ZIP file whose password you know? Or are you trying to crack an unknown password? These tools are not guaranteed to crack a password.
If I remember correctly, the plaintext will not work against AES encrypted ZIP files. I don't know if PRTK will give you a warning about this. Passware will warn you.
Have you tried Passware's encryption analyzer tool? It should help you figure out how the file is encrypted, and what attack(s) to use on it.
I also have some vague memories that you need to use the same ZIP application with the same, or similar, settings but if you have matching CRCs that may not apply.
-David
I made good experience with the cracker from elcomsoft (
Good luck
Chris
Winzip version 9 and later utilizes AES-128, AES-192 and AES-256, so the only options left are dictionary and brute force. If you can't get a 'relevant' dictionary, then you will need a decent password cracking software such as elcomsoft (as suggested above), lots of 'good luck', a powerful PC + plenty of time.
So i've tried PRTK, Passware, and pkcrack. None of them have worked, albeit i'm only using the demo of passware for right now. But PRTK has been running for a week, it's almost completed all the different levels without cracking the zip. I have a feeling it's a problem with the plaintext file i'm using. Anyone have any advice as to how to ensure i have a good plaintext file. The CRCs match between the encrypted and decrypted files, what else should i be looking for?
As noted, earlier, if this is AES encrypted, plaintext attacks won't work. You'll need brute force and a lot of time (2^128 for AES-256) or a good deal of luck.
i don't believe it is aes encrypted.
Greetings,
Did you try the Passware Encryption Analyzer to be certain it is not AES encrypted?
If you want to send me a copy of the file, I'll take a look at it for you.
-David