HLDoom32768 Posted March 23, 2006 Share Posted March 23, 2006 Alright, I have a file that I encrypted a while ago, and forgot the password. I used Winzip 9 to encrypt it, and I believe I used the 128bit encryption, although it may be 256bit, but like I said, I can't remember exactly.I think the password is all letters with no numbers, and no spaces, although I'm not sure about that. I think it does have a few capital letters also.I got a few different programs to try to crack the password, but I couldn't find any that worked well. It is a simple text file that is in the zip, so it isn't more then one file or anything like that.But see, my problem is, I believe the password was nearly 20 characters long, so therefore my inability to find the password. Is there any hacker way to open this file? Comon hackers, I need your help I could have it scan for say a day or two, as I will be gone this weekend, I could have it scan from saturday at about noon till Sunday at about 2pm. Anyone know if a good program to find a 20+ character password encrypted using Winzip?Thanks... Link to comment Share on other sites More sharing options...
Gouki Posted March 23, 2006 Share Posted March 23, 2006 (edited) The only possible way to find out a password of a .ZIP file are brute-force, dictionary-based and known-plaintext attacks.I don't know any aplication that can be used to accomplish this.Take care.EDIT: You should have posted on Software Hangout forum.EDIT 2: It got here! Edited March 23, 2006 by Gouki Link to comment Share on other sites More sharing options...
N1K Posted March 23, 2006 Share Posted March 23, 2006 EDIT: You should have posted on Software Hangout forum.EDIT 2: It got here! Yup, it is moved to the right section, as for cracking I doubt that you'll be able to crack the 128/256 bit 20+ signs password..If you have some brute force tools it could take ages for it.. Link to comment Share on other sites More sharing options...
Gouki Posted March 23, 2006 Share Posted March 23, 2006 (edited) Yes. I agree. However, I found a list of some brute force cracking tools. The only 'no no' is that they are not free. Give the free try a shot. Edited March 23, 2006 by Gouki Link to comment Share on other sites More sharing options...
HLDoom32768 Posted March 23, 2006 Author Share Posted March 23, 2006 Yes. I agree. However, I did a list of some brute force cracking tools. The only 'no no' is that they are not free. Give the free try a shot.Well see, that is my problem. I can't seem to find a program that is free. I mean, a 30 day trial woudl be fine, but even those don't have the ability to scan for a 20+ character password. Most are like 7character max, then a dictionary attack for more then that.I'll look through those programs, but I think I already tried most of those. Does anyone know of a program that can do a brut force, I think that is what I need, for a 20+character password in winzip? Link to comment Share on other sites More sharing options...
Gouki Posted March 23, 2006 Share Posted March 23, 2006 (edited) I just noticed I said "I made a list". Sorry ... I did not mean to say that. Edited.I would look at Sourceforge. If there is a freeware utility for it, they have it. Edited March 23, 2006 by Gouki Link to comment Share on other sites More sharing options...
ColdFusion200 Posted March 23, 2006 Share Posted March 23, 2006 i'd say unless its a word that likely to be found in a wordlist forget about it. brute forcing a 20+ character password could easily take years, add numbers, case and symbols and it aint gonna be cracked any time this millenium unless you're lucky and its using characters from lower down the list Link to comment Share on other sites More sharing options...
DSX Posted March 23, 2006 Share Posted March 23, 2006 HLDoom32768,As long as the zip doesn't contain anything sensitive, I can try running it through some of the PC's I have available at my work place and some of the programs my company has bought, if you share it with me.-DSX Link to comment Share on other sites More sharing options...
LLXX Posted March 24, 2006 Share Posted March 24, 2006 Bruteforcing will take a *very* long time. For all passwords composed of upper and lower-case letters 20 characters in length, there are 20,896,178,655,943,101,411,324,274,803,736,600 of them. At 1 million per second, it'll still take more than 1 billion times the current age of the universe to test them all.However, if you know certain characteristics of the password, e.g. where the capital letters are, you know part of it, etc. it can decrease the keyspace significantly.If you know part of the contents of the text file then known-plaintext attack may work. Link to comment Share on other sites More sharing options...
N1K Posted March 24, 2006 Share Posted March 24, 2006 Bruteforcing will take a *very* long time. For all passwords composed of upper and lower-case letters 20 characters in length, there are 20,896,178,655,943,101,411,324,274,803,736,600 of them. At 1 million per second, it'll still take more than 1 billion times the current age of the universe to test them all.LOL, nice and useful statistic Link to comment Share on other sites More sharing options...
Delprat Posted March 24, 2006 Share Posted March 24, 2006 20,896,178,655,943,101,411,324,274,803,736,600Now I understand why numbers has been discovered *after* social engineering...Prehistoric people didn't like headhaches Anyway, that's a beautiful number with *embedded* rythm Link to comment Share on other sites More sharing options...
HLDoom32768 Posted March 24, 2006 Author Share Posted March 24, 2006 HLDoom32768,As long as the zip doesn't contain anything sensitive, I can try running it through some of the PC's I have available at my work place and some of the programs my company has bought, if you share it with me.-DSXThanks for the offer, I apreciate it, but I don't want to be sending this file around, I would like to decrypt it at home... Does your work have really good decryption or something? I honestly can't remeber all the content of the text file, but from what I remember, I wish to keep it at home...Bruteforcing will take a *very* long time. For all passwords composed of upper and lower-case letters 20 characters in length, there are 20,896,178,655,943,101,411,324,274,803,736,600 of them. At 1 million per second, it'll still take more than 1 billion times the current age of the universe to test them all.However, if you know certain characteristics of the password, e.g. where the capital letters are, you know part of it, etc. it can decrease the keyspace significantly.If you know part of the contents of the text file then known-plaintext attack may work.Thanks stinks It MIGHT, be like 10 characters long, but I am pretty sure I had it about 20 characters long. Like I had said, it does NOT have any numbers, but I think it has some capital letters. It would not work for a dictionary attack, because I wrote like a sentance, or made some kinda jibberish, to make it secure. Sadly I made it to secure I think it does have a capital letter at the start though, but I'm not sure about the remainder of the file.So there is NO know glitches to Winzip that you can crack the file or anything? So say the govt needed to get this file (They never would, but lets just say so) there is no way for them to break it? No one out there is a crazy smart hacker and can tell me how to hack it? Link to comment Share on other sites More sharing options...
Gouki Posted March 24, 2006 Share Posted March 24, 2006 It would be fun if we all had Government resources. They would be able to crack it, but don't expect them tell you how. Link to comment Share on other sites More sharing options...
nmX.Memnoch Posted March 24, 2006 Share Posted March 24, 2006 One question....Is the file actually encrypted or does it just have a password on it? Link to comment Share on other sites More sharing options...
Gouki Posted March 24, 2006 Share Posted March 24, 2006 (edited) I think the archive is just password protected. After some good searching I found an application that may do it for you.It does brute force, dictionary attack and known plain-text.http://www.elcomsoft.com/archpr.htmlDo you have any ideas of wich characters were used while entering the password? It would help cracking it. Edited March 25, 2006 by Gouki Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now