PayPal 0% Finanzierung Einfache Retouren-Abwicklung Newsletter
Hilfe & Kontakt
PayPal 0% Finanzierung
Einfache Retouren-Abwicklung
Newsletter
Hilfe & Kontakt
Bosch WW Besser Bosch

#!/bin/bash if [ $# -ne 1 ]; then echo "Usage: $0 <encrypted.zip>" exit 1 fi ZIPFILE=$1 HASHFILE="$ZIPFILE.hash"

Using zip2john :

john --wordlist=/usr/share/wordlists/rockyou.txt zip_hash.txt If successful, the password appears within seconds. For stronger passwords, you can enable rules:

7z a -p"secret" -mhe=on -tzip archive.zip folder/ The -mhe=on flag hides the file list (header encryption), something the standard zip command cannot do. When dealing with untrusted ZIP files (e.g., malware samples), you must extract safely without executing any embedded scripts or auto-run features.

bsdtar -xf suspicious.zip To list contents without extraction:

You have an encrypted ZIP and one of its original unencrypted files (e.g., a README.txt or a default config).

unzip -l suspicious.zip For repeated use, save this script as zipcrack.sh :

PASSWORD=$(john --show "$HASHFILE" | cut -d: -f2 | head -1)

zip -e -o archive.zip files/ -P "pass" Then verify encryption type:

zip --password "MyStr0ngP@ss" -e -r archive.zip sensitive_folder/ To enforce AES-256 (not legacy ZipCrypto), use:

echo "[*] Extracting hash..." zip2john "$ZIPFILE" > "$HASHFILE"

# Safe extraction into a read-only, no-exec mount mkdir /mnt/safe_extract mount -t tmpfs -o ro,noexec,nodev,nosuid tmpfs /mnt/safe_extract unzip suspicious.zip -d /mnt/safe_extract Alternatively, use bsdtar (libarchive) which is less prone to parser vulnerabilities:

In the world of penetration testing and information security, the humble ZIP file is a double-edged sword. For a Kali Linux user, zip is not merely a compression tool—it is a forensic artifact, a vector for payload delivery, and often a locked door requiring a key. This guide explores how Kali Linux interacts with password-protected ZIP archives, from brute-force cracking to secure self-extraction. 1. The Forensic Challenge: Cracking ZIP Passwords During a penetration test, you may recover a password-protected ZIP file from an email attachment, a backup drive, or a compromised server. The goal is to extract its contents without the password. Kali Linux provides two primary tools for this: John the Ripper and Hashcat . Step 1: Extract the Hash ZIP encryption (PKZIP, WinZip/AES) cannot be cracked directly. First, you must convert the archive into a hash string that cracking tools understand.

zip2john protected.zip > zip_hash.txt This tool extracts the hashed password from the archive. For modern AES-256 encrypted ZIP files, zip2john will still work, but the resulting hash format is different (often starting with $zip2$ ). With the hash file ready, use John in dictionary mode: