Today we will understand python script to crack specific zip file password by dictionary attack.Python has inbuilt module for zip file which we import at starting of script; then we import optparse ,this allow user to specify user to zip file & dictionary file.Then import threading this allow simultaneous testing of multiple passwords from dictionary.
#!/usr/bin/python
import zipfile
import optparse
from threading import Thread
def extractFile(zFile, password):
try:
zFile.extractall(pwd=password)
print ‘[+] Found password ‘ + password + ‘\n’
except:
pass
def main():
parser = optparse.OptionParser(“usage %prog “+\
“-f -d “)
parser.add_option(‘-f’, dest=’zname’, type=’string’,\
help=’specify zip file’)
parser.add_option(‘-d’, dest=’dname’, type=’string’,\
help=’specify dictionary file’)
(options, args) = parser.parse_args()
if (options.zname == None) | (options.dname == None):
print parser.usage
exit(0)
else:
zname = options.zname
dname = options.dname
zFile = zipfile.ZipFile(zname)
passFile = open(dname)
for line in passFile.readlines():
password = line.strip(‘\n’)
t = Thread(target=extractFile, args=(zFile, password))
t.start()
if __name__ == ‘__main__’:
main()
As usual there is two function(1)main(2)extractfile
(1)main() :-
parser = optparse.OptionParser(“usage %prog “+\ “-f -d “)
Above line display usage option on terminal screen.
parser.add_option(‘-f’, dest=’zname’, type=’string’,\ help=’specify zip file’)
Individual command line option to specify zip file name ;so when we execute script we have to provide -f before zip file name.
parser.add_option(‘-d’, dest=’dname’, type=’string’,\ help=’specify dictionary file’)
Individual command line option to specify dictionary file ;so when we execute script we has to prode -d before dictionary file name.
After that there is if loop which check that if there is invalid zip file or invalid dictionary file name then it print usage message & exit execution.And if zip file name & dictionary file is valid then it saved it name to variable zname & dname.
zFile = zipfile.ZipFile(zname) : It indicate that we instantiate new zip file class by specifying file name of password protected zip file.
passFile = open(dname) :- Open the dictionary file & saved it to passFile.
for line in passFile.readlines(): This loop is executed for number of words in dictionary file.
First read lines from dictionary file ;save string to line ;then strip dictionary one by one word & saved value of word to password.
Now we call extractfile function
(2)extractFile(zFile, password):
zFile.extractall(pwd=password) :- It extract zip file with password from variable password which come from for loop & which is first word of dictionary file, if password is true than it print Found password with password.
Now if password is wrong it threw error message. & for loop is again executed from main function & now password is second word of dictionary file.
zip-file-password-crack
Usage:-
chmod +x script_name
./script_name -f zip_file_name -d dictionary_file_name
Penetration Tester `s Script 