Jump to content

Winzip Encrypted File

HLDoom32768

By HLDoom32768
in Software Hangout

 Share

Recommended Posts

HLDoom32768

HLDoom32768

Posted
Posted

Alright, I have a file that I encrypted a while ago, and forgot the password. I used Winzip 9 to encrypt it, and I believe I used the 128bit encryption, although it may be 256bit, but like I said, I can't remember exactly.

I think the password is all letters with no numbers, and no spaces, although I'm not sure about that. I think it does have a few capital letters also.

I got a few different programs to try to crack the password, but I couldn't find any that worked well. It is a simple text file that is in the zip, so it isn't more then one file or anything like that.

But see, my problem is, I believe the password was nearly 20 characters long, so therefore my inability to find the password. Is there any hacker way to open this file? Comon hackers, I need your help ;)

I could have it scan for say a day or two, as I will be gone this weekend, I could have it scan from saturday at about noon till Sunday at about 2pm. Anyone know if a good program to find a 20+ character password encrypted using Winzip?

Thanks...

Link to comment
Share on other sites

Gouki

Gouki

Posted
Posted (edited)

The only possible way to find out a password of a .ZIP file are brute-force, dictionary-based and known-plaintext attacks.

I don't know any aplication that can be used to accomplish this.

Take care.

EDIT: You should have posted on Software Hangout forum.

EDIT 2: It got here! :)

Edited by Gouki
Link to comment
Share on other sites
N1K

N1K

Posted
Posted
EDIT: You should have posted on Software Hangout forum.

EDIT 2: It got here! :)

Yup, it is moved to the right section, as for cracking I doubt that you'll be able to crack the 128/256 bit 20+ signs password..If you have some brute force tools it could take ages for it..

Link to comment
Share on other sites
HLDoom32768

HLDoom32768

Posted
  • Author
Posted
Yes. I agree. However, I did a list of some brute force cracking tools. The only 'no no' is that they are not free. Give the free try a shot.

Well see, that is my problem. I can't seem to find a program that is free. I mean, a 30 day trial woudl be fine, but even those don't have the ability to scan for a 20+ character password. Most are like 7character max, then a dictionary attack for more then that.

I'll look through those programs, but I think I already tried most of those. Does anyone know of a program that can do a brut force, I think that is what I need, for a 20+character password in winzip?

Link to comment
Share on other sites
Gouki

Gouki

Posted
Posted (edited)

I just noticed I said "I made a list". Sorry ... I did not mean to say that. Edited.

I would look at Sourceforge. If there is a freeware utility for it, they have it.

Edited by Gouki
Link to comment
Share on other sites
ColdFusion200

ColdFusion200

Posted
Posted

i'd say unless its a word that likely to be found in a wordlist forget about it. brute forcing a 20+ character password could easily take years, add numbers, case and symbols and it aint gonna be cracked any time this millenium unless you're lucky and its using characters from lower down the list

Link to comment
Share on other sites
DSX

DSX

Posted
Posted

HLDoom32768,

As long as the zip doesn't contain anything sensitive, I can try running it through some of the PC's I have available at my work place and some of the programs my company has bought, if you share it with me.

-DSX

Link to comment
Share on other sites
LLXX

LLXX

Posted
Posted

Bruteforcing will take a *very* long time. For all passwords composed of upper and lower-case letters 20 characters in length, there are 20,896,178,655,943,101,411,324,274,803,736,600 of them. At 1 million per second, it'll still take more than 1 billion times the current age of the universe to test them all.

However, if you know certain characteristics of the password, e.g. where the capital letters are, you know part of it, etc. it can decrease the keyspace significantly.

If you know part of the contents of the text file then known-plaintext attack may work.

Link to comment
Share on other sites
N1K

N1K

Posted
Posted
Bruteforcing will take a *very* long time. For all passwords composed of upper and lower-case letters 20 characters in length, there are 20,896,178,655,943,101,411,324,274,803,736,600 of them. At 1 million per second, it'll still take more than 1 billion times the current age of the universe to test them all.

LOL, nice and useful statistic :D

Link to comment
Share on other sites
Delprat

Delprat

Posted
Posted
20,896,178,655,943,101,411,324,274,803,736,600

Now I understand why numbers has been discovered *after* social engineering...

Prehistoric people didn't like headhaches :P

Anyway, that's a beautiful number with *embedded* rythm :lol:

Link to comment
Share on other sites
HLDoom32768

HLDoom32768

Posted
  • Author
Posted
HLDoom32768,

As long as the zip doesn't contain anything sensitive, I can try running it through some of the PC's I have available at my work place and some of the programs my company has bought, if you share it with me.

-DSX

Thanks for the offer, I apreciate it, but I don't want to be sending this file around, I would like to decrypt it at home... Does your work have really good decryption or something? I honestly can't remeber all the content of the text file, but from what I remember, I wish to keep it at home...

Bruteforcing will take a *very* long time. For all passwords composed of upper and lower-case letters 20 characters in length, there are 20,896,178,655,943,101,411,324,274,803,736,600 of them. At 1 million per second, it'll still take more than 1 billion times the current age of the universe to test them all.

However, if you know certain characteristics of the password, e.g. where the capital letters are, you know part of it, etc. it can decrease the keyspace significantly.

If you know part of the contents of the text file then known-plaintext attack may work.

Thanks stinks :realmad: It MIGHT, be like 10 characters long, but I am pretty sure I had it about 20 characters long. Like I had said, it does NOT have any numbers, but I think it has some capital letters. It would not work for a dictionary attack, because I wrote like a sentance, or made some kinda jibberish, to make it secure. Sadly I made it to secure :no:

I think it does have a capital letter at the start though, but I'm not sure about the remainder of the file.

So there is NO know glitches to Winzip that you can crack the file or anything? So say the govt needed to get this file (They never would, but lets just say so) there is no way for them to break it? No one out there is a crazy smart hacker and can tell me how to hack it?

Link to comment
Share on other sites
Gouki

Gouki

Posted
Posted (edited)

I think the archive is just password protected. After some good searching I found an application that may do it for you.

It does brute force, dictionary attack and known plain-text.

http://www.elcomsoft.com/archpr.html

Do you have any ideas of wich characters were used while entering the password? It would help cracking it.

Edited by Gouki
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...