agourlay/zip-password-finder agourlay/zip-password-finder

  • Stars
    star
    126
  • Rank 274,701 (Top 6 %)
  • Language
    Rust
  • License
    Apache License 2.0
  • Created over 1 year ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
agourlay/zip-password-finder
github

agourlay

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Find the password of protected ZIP files.

zip-password-finder

Build

zip-password-finder is a tool to find the password of protected zip files.

The design of this tool is described in details in the following blog articles:

Features

  • Supports both ZipCrypto and AES encryption.
  • Leverages multiple threads to speed up the process
  • Dictionary attack to test passwords from a dictionary text file (one word per line)
  • Brute force to generate all passwords for a given charset and a password length range

The available charsets for the password generation are:

  l | abcdefghijklmnopqrstuvwxyz [a-z]
  u | ABCDEFGHIJKLMNOPQRSTUVWXYZ [A-Z]
  d | 0123456789                 [0-9]
  h | 0123456789abcdef           [0-9a-f]
  H | 0123456789ABCDEF           [0-9A-F]
  s | «space»!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~

Installation

Releases

Using the provided binaries in https://github.com/agourlay/zip-password-finder/releases

Crates.io

Using Cargo via crates.io.

Warning: currently not up to date with the latest version (see issue).

cargo install zip-password-finder

AUR

You can install zip-password-finder from the AUR using an AUR helper. For example:

paru -S zip-password-finder

Usage

./zip-password-finder -h
Find the password of protected ZIP files

Usage: zip-password-finder [OPTIONS] --inputFile <inputFile>

Options:
  -i, --inputFile <inputFile>
          path to zip input file
  -w, --workers <workers>
          number of workers
  -p, --passwordDictionary <passwordDictionary>
          path to a password dictionary file
  -c, --charset <charset>
          charset to use to generate password [default: lud] [possible values: l, u, d, h, H, s]
      --minPasswordLen <minPasswordLen>
          minimum password length [default: 1]
      --maxPasswordLen <maxPasswordLen>
          maximum password length [default: 10]
      --fileNumber <fileNumber>
          file number in the zip archive [default: 0]
  -h, --help
          Print help
  -V, --version
          Print version

Performance

For AES make sure to use a CPU with SHA instructions (Intel Sandy Bridge or newer, AMD Bulldozer or newer) to get the best performance.

Native builds tend to perform better in general.

RUSTFLAGS="-C target-cpu=native" cargo build --release

In general this tool is rather slow and seems to suffer from contention as the number of workers increases which makes it impractical for non-trivial passwords.

More Repositories

1

cornichon

Testing tool in Scala for HTTP JSON API
Scala
224
star
2

hprof-slurp

JVM heap dump analyzer
Rust
87
star
3

omnibus

An HTTP-friendly persistent message bus.
Scala
70
star
4

dlm

Minimal HTTP download manager
Rust
48
star
5

post-on-my-fridge

Fun content platform built with Akka and Ember.js
Scala
21
star
6

json-2-csv

Transforms JSON collections into CSV files.
Scala
10
star
7

zbb

zbb is a CLI fetching the latest schedules for the BVG
Rust
9
star
8

ray-tracer

Implementation in Rust of "The Ray Tracer Challenge" book.
Rust
3
star
9

allez-fauna

A collaborative platform for climbers for sharing grades.
Scala
2
star
10

agourlay.github.io

Source of my blog
1
star