ZIP Password crack

So i need some kind of “help”
So i was trying to crack a ZIP file which have a password !
I dont understand how to do it with HashCat
And if there is any bypass to the encryption !

Hey there,

hashcat --help | grep -i zip

11600 | 7-Zip
17200 | PKZIP (Compressed)
17220 | PKZIP (Compressed Multi-File)
17225 | PKZIP (Mixed Multi-File)
17230 | PKZIP (Mixed Multi-File Checksum-Only)
17210 | PKZIP (Uncompressed)
20500 | PKZIP Master Key
20510 | PKZIP Master Key (6 byte optimization)
23001 | SecureZIP AES-128
23002 | SecureZIP AES-192
23003 | SecureZIP AES-256
13600 | WinZip

The number are the different modules that you can use.
So if the ZIP file is a WinZip then your hashcat command would be something like this:
hashcat -m 13600 “your_zip_file.zip” /path/to/your/dictionary/file

1 Like

Thanks you man :slight_smile:

No worries :smiley:

Is there anyway to specify a file like that
Example.Zip
/NormalFile
//Normal File But With Space
///.Exe File With Space

How can i write the dirictionary of the exe which have space?

The problem is that, the first zipfile dont have pass but the files/folders have password

And if there is anyway to use my GPU for for HashCat

Think it depends on your System (I could be wrong) and there would be others here that know hashcat far better than me.
Google or DuckDuckGo is your friend on that one.
hashcat --help will provide you with a bunch of info.

And about the dictionary you dont how to pick file in the zip with space ?

@Ethernel said:
The problem is that, the first zipfile dont have pass but the files/folders have password

then that is a different situation than cracking a zip.
It then depends on what types of files you want to crack.

hashcat --help | grep -i ‘file_type’ might be a good option to start with

Thx for the help , how to +rep u ?

Type your comment> @Ethernel said:

Thx for the help , how to +rep u ?

No worries.
Wasn’t much I provided. Hopefully you work it out :smile:

:blush:

■■■ why hashcat always says that my HASH code is empty or corrupted !
the hash : dis.zip:$pkzip2$311082447512ab77bca8742da4fd653bcd20310c4d5ce30c9f1c501c61f99ccb827333d88363e4e8063878c10824fe652aee83af280fff1b375a80a6f950bf0602466db35732cef02de9cd57c96fbc02046aa9025054205ccc26996e0a222585c269922b675a64043c7fca2e9bf68d6d1442fb9e0fcd429e014d1ee4da14ff43c4691f94612cfcf620b11506f505e2b80c06195c7031f685bade56267fb68b1489bc8edfa2a213006010cda4338569fa47e6258b59243dd247a2ce2f69ad929f9$/pkzip2$::dis.zip:DBZ/Pes, DBZ/Exs/desktop.ini, DBZ/RES:dis.zip

Everyone has their own tastes, but I find fcrackzip much more effective for zip cracking.

You can create your own bruteforce utility, if you want. Like that: Zip file bruteforce utility · GitHub

@TazWake thx for the rec :slight_smile:
@limeternity thx i will check it :slight_smile:

Type your comment> @Ethernel said: > ■■■ why hashcat always says that my HASH code is empty or corrupted ! > the hash : dis.zip:$pkzip2$311082447512ab77bca8742da4fd653bcd20310c4d5ce30c9f1c501c61f99ccb827333d88363e4e8063878c10824fe652aee83af280fff1b375a80a6f950bf0602466db35732cef02de9cd57c96fbc02046aa9025054205ccc26996e0a222585c269922b675a64043c7fca2e9bf68d6d1442fb9e0fcd429e014d1ee4da14ff43c4691f94612cfcf620b11506f505e2b80c06195c7031f685bade56267fb68b1489bc8edfa2a213006010cda4338569fa47e6258b59243dd247a2ce2f69ad929f9$/pkzip2$::dis.zip:DBZ/Pes, DBZ/Exs/desktop.ini, DBZ/RES:dis.zip Review the hash examples: example_hashes [hashcat wiki] You must remove everything before $pkzip2 and after /$pkzip2 to match the right format. Safe cracks.