Cracking ZIP Archive Passwords

Submitted by jabrown on Mon, 10/30/2017 - 01:51

This will be a quick walk-through on how to crack password protected ZIP archives.

You will need Hashcat and John the Ripper jumbo.

John Jumbo will need to compile If using a Linux system that does not have a zip2john package.


Once Hashcat and John the Ripper has been unpackaged and compiled we can get the hash value of the ZIP file.

To get the hash value run. /path/to/john/jumbo/run/zip2john {zip file}

This creates a colon (:) delimited string. We only the hash value when using Hashcat to crack the hash.

To create a hash list with only the hash value run. /path/to/john/jumbo/run/zip2john {zip file} | cut -d ':' -f 2 > {hash list file}



Once we have the hash value we can then use Hashcat to crack it.

The Hashcat command to use a wordlist attack against a Winzip hash is. hashcat -a 0 -m 13600 {hash list} {wordlist}

The command that we used is different due to the unique issues of the Linux kernel, GPU drivers, and hardware of the hash cracking system.



It only took a few seconds to crack the simple password of "password".

zip crack


Cracking ZIP passwords is fairly simple and easy with the right tools and wordlists.


Visit the store or contact us if you need to recover some passwords.