Increasing the Speed of Cracking Zip Passwords with the Power of CPU.

Sep 30, 2020 08:11 AM
637370183850310468.jpg

Hello my Cracker buddies, this is my first post on Null-Byte.

What We Will Learn

In this post, I would like to introduce and guide you to my Tool -- Zracker, which carries the potential to crack Zip Passwords by running different independent processes on different independent cores respectively and parallelly to increase the speed of cracking passes. Read Further for Detailed Guide, Features and Usage.

WTH Is Zracker, and Why Should I Use It

Zracker is a Zip File Password BruteForcing Utility Tool based on CPU-Power.

  • Yet available for Linux only ...
  • Supports WordList Mode only but will surely get an Update with BruteForce Mode

Features

1 Auto Updater

  • Automatically checks for updates when you start the script, and Downloads and Installs if any update is available so.

2 Utilises the Power of CPU-Cores

  • Can utilise Maximum no. of Cores available.

This means increases the process of cracking of zip passwords by opening different processes on different independent cores.

What this basically does is Split the inputted words from the given WordList and divides them in the no. of Cores Available or Selected and distributes that splitted list among all selected independent cores and work simultaneously ...

Pre-Requisites

Minimal requirements just include:

  • Python 3.xx

To make sure that python v3.xx is installed, type : which python3 in terminal and you should see something like :

637370203532338583.jpg

If you aren't seeing something like this just use your distro's Package Manager to install : python3,

like : sudo apt install python3

  • Next Requirement is to make sure that : python3-pip is installed.

Again, to install that, use your distro's Package Manager to install : python3-pip,

like : sudo apt install python3-pip

Let's Dive

Fire Up Any Linux Distro

Open the Terminal. and clone the Zracker source code repo using : git clone github.com/devim-stuffs/Zracker.git

637370198181556668.jpg

and Change directory to go inside currently cloned folder Zracker using : cd Zracker/

637370200904838720.jpg

Run the Program

Now let us just Run and Use this Python Script using : python3 zracker.py

637370207952963389.jpg

Which will First take care of all the Dependencies Required and then we will be popped with the Zracker's Update Terminal which will check for updates and will download and install if any is available so. If you are up-to-date, just press ENTER.

637370210347495524.jpg

After Hitting ENTER, you will see the Banner and the Menu containing all the OPTIONS available inside Zracker. At the time of writing [2] Crack Zip Files with BruteForce Attack Feature is not available .

637370210929526620.jpg

You can press just the number designated to it's respective Feature to be taken along to that Page. You can obviously take a look to ABOUT page, but for now let's move to the main function of [1] Cracking Zip Files with Custom Dictionary Attack. Just Press "1" and hit ENTER.

After, you will be moved to Custom Dictionary Attack page.

637370214861089176.jpg

It will ask for some inputs :

  • Path to [ZIP] file to be cracked {extension: .zip not compulsory}
  • Path to [TXT] to used to find Pass {extension: .txt not compulsory}
  • No. of cores to be used in Process. Maximum cores available will be prompted, you can go with that too. {No. of cores will decide how long the Cracking process will take..}

After Filling these Details, hit ENTER.

Now, take a look on how it starts the process and displays the real-time status

637370219122807749.jpg

You can see some info like :

  • Time at which Cracking Process started
  • Progress Bar Percentage, etc..

At the Time of Publishing this, due to usage of multiprocessing, it is yet impossible for me to show correct error messages like "Try another Wordlist", So if you see the message "Password Found", then smile ;), but after scanning all the words i.e. after 100%, if you don't see message "Password Found", it indirectly means to use another Wordlist.

Let me give you an example of what above Quote means...

  • If Password is not Found in the wordlist, it will end the process like :
637370226907338808.jpg
  • But if the Password is found within the WordList, it will reflect something like :
637370227426244647.jpg

Another Key Feature: The info related to Zip file and wordlist and of course the password of successful cracks will be saved inside a [.txt] file inside folder cracked/cracked.txt

Testing the Zracker's Potential

Now, let's see how far it's speed goes of cracking a zip file, for which i am taking the same zip "hello.zip"

with the word list "hello.txt" Containing 10,00,000 [10Lakhs] Words placing the password which is devim at the last of the wordlist i.e. 10,00,000th word . Proof:

637370235091869407.jpg

Let's start the Process and see the time taken to crack, or to reach at 10,00,000 word and compare on 1 and 2 Core(s):

  • Performance of 10L words using 2-cores :
637370242424682032.jpg
  • Performance of 10L words using 1-core or on regular Zip-Cracking tool :
637370242912806931.jpg

Now you can just compare the times and see the potential and extent upto which the No. of CPU-cores

can ease your task of BruteForcing saving your a cracker's most important resource -- TIME

Summing Up

Coming to the End of my First Post on Null-Byte, I would just like to hear your views not only on the tool but also on how should I improve my perspective of explaining on these posts, etc...

If you like my Work for this tool, Consider giving it a star on GitHub

~Regards

devIM/Ishaan

Just updated your iPhone? You'll find new Apple Intelligence capabilities, sudoku puzzles, Camera Control enhancements, volume control limits, layered Voice Memo recordings, and other useful features. Find out what's new and changed on your iPhone with the iOS 18.2 update.

Comments

No Comments Exist

Be the first, drop a comment!