Akshatbauskar

Brute Force ZIP File Password in Python

Brute Force ZIP File Password in Python

Akshat Bauskar's photo
Akshat Bauskar
·

6 min read

Hello Coders!!

A ZIP file is simply a collection of one or more files and/or folders but is compressed into a single file for easy transportation and compression.

In this blog, I'll tell you how we can crack any password-protected zip file using a Python script that tries to crack a zip file's password using a dictionary attack.

In this blog:-

1. What is brute force
2. How to create zip cracker

What is a Brute Force

A brute force attack (also known as brute force cracking) is the cyberattack equivalent of trying every key on your key ring and eventually finding the right one. Brute force attacks are simple and reliable. Attackers let a computer do the work – trying different combinations of usernames and passwords, for example – until they find one that works.

How to create zip cracker

As mentioned earlier we will be using a dictionary attack, which means we are going to need a wordlist to brute force this password-protected zip file. We will be using rockyou.txt wordlist for this tutorial, if you are using Kali Linux for this you can find this file at location /usr/share/wordlists/rockyou.txt.gz otherwise, you can download it rockyou.

Prerequisites:-

You should have Tkinter installed in your system for making a graphical user interface, You need to install the zip file module.

pip install zipfile36

Let's code

Now as we have successfully downloaded zip file and Tkinter module let's import them.

#!/usr/bin/python

from zipfile import ZipFile
from tkinter import *
from tkinter import ttk
import time

ttk is used to make the progress bar using Tkinter 

class MyWindow:
    def __init__(self, win):
        self.lbl1 = Label (win, text= ' Enter the file name :- ')
        self.lbl3=Label(win, text='Password Found')
        self.t1=Entry()
        self.t3=Entry()
        self.lbl1.place(x=10, y=50)
        self.t1.place(x=200, y=50)
        self.b1=Button(win, text='Go', command=lambda: [self.main(), self.step()])
        self.lbl3.place(x=10, y=200)
        self.t3.place(x=200, y=200, width=180)
        self.b1.place(x=160, y=100)
        self.progress = ttk.Progressbar(win, orient=HORIZONTAL, length=300, mode='determinate')
        self.progress.place(x= 55, y=150)

In this we have created 2 entry boxes with the variable name self.t1 and self.t3, one is for input, and the other is to display the password found during brute-forcing. With the button defined as self.b1 it invokes two commands with the help of lambda function, this lambda function will execute self. main() and self.step(). To define places of the label, button, progress bar, and entry box we have used the place() function. Here ttk.Progressbar invokes the progress bar on the display window.

Untitled design(2).png

def main(self):
        self.t3.delete(0, "end")
        filename = self.t1.get()
        dictionary = 'rockyou.txt'
        password = None
        with open(dictionary, 'rb') as f:
            for line in f.readlines():
                password = line.strip()
                with ZipFile(filename)as zf:
                    try:
                        zf.extractall(pwd=password)
                        self.t3.insert(0, password.decode().strip())
                        break
                    except:
                        pass

Now we have defined our main function, where we get the input entered by the user(filename) with get() method then we load our rockyou.txt file and open it with read binary mode and start reading the file content one by one and then tries every password combinations present in the file to crack the zip file using command zf.extractall(pwd=password) and if the password does not match the required password then it read next line from the file and try it.*

Note:- Python file and the password-protected zip file should be in the same folder

def step(self):
        for x in range(5):
            self.progress['value'] +=50
            time.sleep(1)

the step function is used to show the progress bar movement self.progress['value'] +=50 defines that the progress bar will travel 50 percent and that another 50 percent

Untitled design(3).png

window=Tk()
mywin=MyWindow(window)
window.title('Zip cracker')
window.geometry("400x300+10+10")
window.mainloop()

window=Tk() this tk() command is used to create a top-level window (root) having a frame with a title bar, a control box with the minimize and close buttons, and a client area to hold other widgets. window.title to add the title to the window The geometry() method defines the width, height, and coordinates of the top left corner. The application object then enters an event listening loop by calling the mainloop() method. The application is now constantly waiting for any event generated on the elements in it.

Glimpse of the code:-

ezgif.com-video-to-gif.gif

Follow me on Instagram techworld_security

Github repository for code zipcrack.py

Happy coding!!!

2Articles1WeekPython 3Hashnode