Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cwithmichael/breakzip

BruteForce PKZip/ZipCrypto breaker
https://github.com/cwithmichael/breakzip

bruteforce bruteforce-password-cracker encryption pkzip python zip zipcrypto

Last synced: about 1 month ago
JSON representation

BruteForce PKZip/ZipCrypto breaker

Host: GitHub
URL: https://github.com/cwithmichael/breakzip
Owner: cwithmichael
License: mit
Created: 2020-04-13T22:51:06.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2021-08-30T00:27:06.000Z (over 3 years ago)
Last Synced: 2023-04-10T14:19:12.378Z (over 1 year ago)
Topics: bruteforce, bruteforce-password-cracker, encryption, pkzip, python, zip, zipcrypto
Language: Python
Homepage:
Size: 673 KB
Stars: 8
Watchers: 2
Forks: 0
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# BreakZip

[![GitHub Actions](https://github.com/cwithmichael/breakzip/actions/workflows/github-actions.yml/badge.svg)](https://github.com/cwithmichael/breakzip/actions/workflows/github-actions.yml)

## Motivation

This program was created for a very specfic problem I had. I had a large encrypted zip file that I lost/forgot the password for. Using traditional bruteforce methods resulted in a lot of false positives.

This program hopes to minimize false positives. It works by actually checking to see if a given file type exists in the 'plaintext' after attempting a guess password.
More info about Python's ZipFile lib can be found here:
https://docs.python.org/3/library/zipfile.html#zipfile.ZipFile.open

## Requirements

Python >= 3.9

## Installation Instructions (Recommended)

Make sure you have [Pipenv installed](https://pipenv.pypa.io/en/latest/#install-pipenv-today)

Install the requirements and start a pipenv shell

`pipenv install`

`pipenv shell`

## Running Tests (Pipenv)

If you want to run the tests, then you'll have to install `pytest`

`pipenv install -e ".[testing]"`

`pytest`

## Installation Instructions (Without Pipenv)

Create a virtualenv and activate it

`python3 -m venv venv`

`source venv/bin/activate`

Run install

`python setup.py install`

## Running Tests (Without Pipenv)

If you want to run the tests, then you'll have to install `pytest`

`pip install -e ".[testing]"`

`pytest`

## Usage

### Noninteractive Mode (Default)

`breakzip `

Let's say we had an encrypted zip file named `cats.zip` with a jpg file in it.
In this example the password is `fun` and our wordlist contains `fun`.

```bash
$ breakzip cats.zip jpg < wordlist
Found it! -> fun
```

We can also use a password generator like JohnTheRipper to provide passwords.

```bash
$ ./JohnTheRipper/run/john --mask=fu?a -stdout | breakzip cats.zip jpg
Press 'q' or Ctrl-C to abort, almost any other key for status
95p 0:00:00:00 100.00% (2020-04-13 17:35) 1520p/s fu|
Found it! -> fun
```

### Interactive Mode

```bash
$ breakzip tests/cats.zip jpg -i
Enter password: lol
Incorrect Password. Try again.
Enter password: fun
Found it! -> fun
```

## Important Notes

Supports PKZip/ZipCrypto Encryption _only_

Only a limited number of file types are supported at the moment: zip, wmv/asf/wma, jpg, png, xml

But it's pretty easy to extend support for various file types.