File: fcrackzip.txt

fcrackzip 1.0-4
  • area: main
  • in suites: wheezy
  • size: 632 kB
  • sloc: ansic: 2,723; sh: 743; makefile: 121; perl: 81
FCRACKZIP(1)                                                      FCRACKZIP(1)



NAME
       fcrackzip - a Free/Fast Zip Password Cracker

SYNOPSIS
       fcrackzip [-bDBchVvplum2] [--brute-force] [--dictionary] [--benchmark]
       [--charset characterset] [--help] [--validate] [--verbose]
       [--init-password string/path] [--length min-max] [--use-unzip]
       [--method name] [--modulo r/m] file...

DESCRIPTION
       fcrackzip searches each zipfile given for encrypted files and tries to
       guess the password. All files must be encrypted with the same password;
       the more files you provide, the better.

   OPTIONS
       -h, --help
              Prints the version number and (hopefully) some helpful insights.

       -v, --verbose
              Each -v makes the program more verbose.

       -b, --brute-force
              Select brute force mode. This tries all possible combinations of
              the letters you specify.

       -D, --dictionary
              Select dictionary mode. In this mode, fcrackzip will read
              passwords from a file, which must contain one password per line
              and should be alphabetically sorted (e.g. using sort(1)).

       -c, --charset characterset-specification
              Select the characters to use in brute-force cracking. Must be
              one of

                a   include all lowercase characters [a-z]
                A   include all uppercase characters [A-Z]
                1   include the digits [0-9]
                !   include [!:$%&/()=?{[]}+*~#]
                :   the following characters up to the end of the
                    specification string are included in the character set.
                    This way you can include any character except binary
                    null (at least under unix).

              For example, a1:$% selects lowercase characters, digits and the
              dollar and percent signs.

       -p, --init-password string
              Set initial (starting) password for brute-force searching to
              string, or use the file with the name string to supply passwords
              for dictionary searching.

       -l, --length min[-max]
              Use an initial password of length min, and check all passwords
              up to passwords of length max (inclusive). You can omit the max
              parameter.

       -u, --use-unzip
              Try to decompress the first file by calling unzip with the
              guessed password. This weeds out false positives when not enough
              files have been given.

       -m, --method name
              Use method number "name" instead of the default cracking method.
              The switch --help will print a list of available methods. Use
              --benchmark to see which method performs best on your machine.
              The name can also be the number of the method to use.

       -2, --modulo r/m
              Calculate only r/m of the password. Not yet supported.

       -B, --benchmark
              Make a small benchmark, the output is nearly meaningless.

       -V, --validate
              Make some basic checks whether the cracker works.

ZIP PASSWORD BASICS
       Have you ever mis-typed a password for unzip? Unzip reacted pretty fast
       with incorrect password, without decrypting the whole file. While the
       encryption algorithm used by zip is relatively secure, PK made cracking
       easy by providing hooks for very fast password-checking, directly in
       the zip file. Understanding these is crucial to zip password cracking:

       For each password that is tried, the first twelve bytes of the file are
       decrypted. Depending on the version of zip used to encrypt the file
       (more on that later), the first ten or eleven bytes are random,
       followed by one or two bytes whose values are stored elsewhere in the
       zip file, i.e. are known beforehand. If these last bytes don't have the
       correct (known) value, the password is definitely wrong. If the bytes
       are correct, the password might be correct, but the only method to find
       out is to unzip the file and compare the uncompressed length and crcs.

       Earlier versions of pkzip (1.xx) (and, incidentally, many zip clones
       for other operating systems!) stored two known bytes. Thus the error
       rate was roughly 1/2^16 = 0.01%. PKWARE improved (interesting what
       industry calls improved) the security of their format by only including
       one byte, so the possibility of false passwords is now raised to 0.4%.
       Unfortunately, there is no real way to distinguish one byte from two
       byte formats, so we have to be conservative.
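
       The one-byte header check described above, as an added example that is
       not part of fcrackzip's source: it implements the traditional PKZIP
       stream cipher as documented in PKWARE's APPNOTE and counts how many
       wrong passwords still pass the check. The function names, the sample
       password and the 12-byte header are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

typedef struct { uint32_t k0, k1, k2; } zkeys;
/* One byte of the reflected CRC-32 (polynomial 0xEDB88320) used by the key schedule. */
static uint32_t crc32_step(uint32_t crc, uint8_t b) {
    crc ^= b;
    for (int i = 0; i < 8; i++) crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    return crc;
}
/* Key update of the traditional PKZIP cipher: one call per plaintext byte. */
static void update_keys(zkeys *k, uint8_t c) {
    k->k0 = crc32_step(k->k0, c);
    k->k1 = (k->k1 + (k->k0 & 0xffu)) * 134775813u + 1u;
    k->k2 = crc32_step(k->k2, (uint8_t)(k->k1 >> 24));
}
static void init_keys(zkeys *k, const char *pw) {
    k->k0 = 0x12345678u; k->k1 = 0x23456789u; k->k2 = 0x34567890u;
    while (*pw) update_keys(k, (uint8_t)*pw++);
}
static uint8_t stream_byte(const zkeys *k) {
    uint32_t t = (k->k2 | 2u) & 0xffffu;      /* 16-bit temp, as in the APPNOTE */
    return (uint8_t)((t * (t ^ 1u)) >> 8);
}
/* Encrypt a 12-byte header; plain[11] plays the role of the known check byte. */
static void make_header(const char *pw, const uint8_t plain[12], uint8_t out[12]) {
    zkeys k; init_keys(&k, pw);
    for (int i = 0; i < 12; i++) { out[i] = plain[i] ^ stream_byte(&k); update_keys(&k, plain[i]); }
}
/* The fast check: decrypt 12 bytes and compare only the last one. */
static int header_accepts(const char *pw, const uint8_t hdr[12], uint8_t check) {
    zkeys k; uint8_t p = 0; init_keys(&k, pw);
    for (int i = 0; i < 12; i++) { p = hdr[i] ^ stream_byte(&k); update_keys(&k, p); }
    return p == check;
}
/* How many of the wrong passwords "0".."n-1" still pass the one-byte check? */
static unsigned count_false_positives(const uint8_t hdr[12], uint8_t check, unsigned n) {
    char pw[16]; unsigned hits = 0;
    for (unsigned i = 0; i < n; i++) { snprintf(pw, sizeof pw, "%u", i); hits += (unsigned)header_accepts(pw, hdr, check); }
    return hits;
}
int main(void) {
    const uint8_t plain[12] = {1,2,3,4,5,6,7,8,9,10,11,0xA7}; /* constructed sample */
    uint8_t hdr[12];
    make_header("correct-horse", plain, hdr);
    unsigned n = 65536, fp = count_false_positives(hdr, 0xA7, n);
    printf("right password accepted: %d\n", header_accepts("correct-horse", hdr, 0xA7));
    printf("wrong passwords accepted: %u of %u (%.2f%%)\n", fp, n, 100.0 * fp / n);
    return 0;
}
```

       The count of accepted wrong passwords is the reason a header match has
       to be confirmed by a full decompression and CRC comparison, which is
       what the --use-unzip option does.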

BRUTE FORCE MODE
       By default, brute force starts at the given starting password, and
       successively tries all combinations until they are exhausted, printing
       all passwords that it detects, together with a rough correctness
       indicator.

       The starting password given by the -p switch determines the length.
       fcrackzip will not currently increase the password length
       automatically, unless the -l switch is used.

DICTIONARY MODE
       This mode is similar to brute force mode, but instead of generating
       passwords using a given set of characters and a length, the passwords
       will be read from a file that you have to specify using the -p switch.

CP MASK
       A CP mask is a method to obscure images or parts of images using a
       password. These obscured images can be restored even when saved as
       JPEG files. In most of these files the password is actually hidden and
       can be decoded easily (using one of the many available viewer and
       masking programs, e.g. xv). If you convert the image, however, the
       password is lost. The cpmask crack method can be used to brute-force
       these images. Instead of a zip file you supply the obscured part (and
       nothing else) of the image in the PPM-Image Format (xv and other
       viewers can easily do this).

       The cpmask method can only cope with passwords composed of uppercase
       letters, so be sure to supply the --charset A or equivalent option,
       together with a suitable initialization password.

EXAMPLES
       fcrackzip -c a -p aaaaaa sample.zip
              checks the encrypted files in sample.zip for all lowercase 6
              character passwords (aaaaaa ... abaaba ... ghfgrg ... zzzzzz).

       fcrackzip --method cpmask --charset A --init AAAA test.ppm
              checks the obscured image test.ppm for all four character
              passwords.

       fcrackzip -D -p passwords.txt sample.zip
              check for every password listed in the file passwords.txt.

PERFORMANCE
       fzc, which seems to be widely used as a fast password cracker, claims
       to make 204570 checks per second on my machine (measured under plain
       dos w/o memory manager).

       fcrackzip, being written in C and not in assembler, naturally is
       slower. Measured on a slightly loaded unix (same machine), it's 12
       percent slower (the compiler used was pgcc, from
       http://www.gcc.ml.org/).

       To remedy this a bit, I converted small parts of the encryption core to
       x86 assembler (it will still compile on non x86 machines), and now it's
       about 4-12 percent faster than fzc (again, the fcrackzip performance
       was measured under a multitasking os, so there are inevitably some
       measurement errors), so there shouldn't be a tempting reason to switch
       to other programs.

       Further improvements are definitely possible: fzc took 4 years to get
       into shape, while fcrackzip was hacked together in under 10 hours. And
       not to forget you have the source, while other programs (like fzc),
       even come as an encrypted .exe file (maybe because their programmers
       are afraid other people could have a look at their lack of programming
       skills? nobody knows...)

RATIONALE
       The reason I wrote fcrackzip was NOT to have the fastest zip cracker
       available, but to provide a portable, free (thus extensible), but still
       fast zip password cracker. I was really pissed off with those dumb,
       nonextendable zipcrackers that were either slow, were too limited, or
       wouldn't run in the background (say, under unix). (And you can't run
       them on your superfast 600MHz Alpha).

BUGS
       No automatic unzip checking.

       Stop/resume facility is missing.

       Should be able to distinguish between files with 16  bit  stored  CRCs
       and 8 bit stored CRCs.

       The benchmark does not work on all systems.

       It's still early alpha.

       Method "cpmask" only accepts ppms.

       Could be faster.

AUTHOR
       fcrackzip was written by Marc Lehmann <pcg@goof.com>. The main
       fcrackzip page is at http://www.goof.com/pcg/marc/fcrackzip.html




                        Free/Fast Zip Password Cracker            FCRACKZIP(1)