Read this article to learn how to access a ZIP file with an unknown password. This can only be done through a program that discovers the password that is protecting it, but it is worth noting that the process can take days to complete.
Steps
Part 1 of 3: Preparing to crack the password
Step 1. Understand the risk
You need to download a program that will “guess” the ZIP password; however, before obtaining it, be aware that this could cause a virus to enter your machine. Remember internet security practices and install an antivirus program before proceeding.
Most apps with trial versions offer only short password discovery. Be very careful when finding a program that makes the "crack" without any limitations and for free; it may be contaminated with malware
Step 2. Be prepared and be patient, as the task of “guessing” the password is something that will take a lot of time in most programs of this type
It will take them several hours to discover simple passwords; it will most likely take days to complete this search.
There is no way any application can get the password within a few minutes; anyone who promises this service is likely infected with a virus
Step 3. Close background programs
You'll need as much of your computer's processing speed as possible, so close games, media players, photo editors, and all such apps.
Even with the maximum amount of computer processing allotted to figuring out the ZIP password, it could take days
Step 4. Place the ZIP on the desktop
This is the easiest place to access on your computer, so drag it to your desktop before trying to crack it.
- If you like, copy and paste the ZIP file by selecting the folder, pressing Ctrl+C (Windows) or ⌘ Command+C (Mac), going to the desktop and pressing Ctrl+V or ⌘ Command+V.
- Once the item is on a mobile device (smartphone or tablet, for example), transfer it to a computer before continuing.
Part 2 of 3: Using “John the Ripper”
Step 1. Understand how the process works with the command line program “John the Ripper” which is free
Despite this, it is quite complicated to install and use.
Step 2. Download “John the Ripper” by accessing this website in a browser
Click on “John the Ripper 1.8.0-jumbo-1 (Windows binaries, ZIP, 34 MB)”, which is the link in the “community enhanced version” section near the bottom of the page.
Step 3. Extract the application by double clicking on the zipped file
Click "Extract", "Extract All", "Extract" again and wait for the window to open.
Step 4. Install “John the Ripper”
It cannot be added like other programs, but it can be transferred to the desktop; move your folder there and rename it to "john":
- In the extraction window that appears, click on "john180j1w".
- Press Ctrl+C.
- Open the desktop and use the shortcut Ctrl+V.
- Right click on the folder and click on “Rename”.
- Type john and press ↵ Enter.
Step 5. Place the ZIP file in the “run” folder
Copy the password protected ZIP (Ctrl+C), open the “John” folder and then the “run” folder; click on a blank space and press Ctrl+V.
Step 6. Open Command Prompt (the machine's command line program):
-
Enter the "Start" menu
- Enter command prompt.
-
Click on "Command Prompt"
at the top of “Start”.
Step 7. Change directory to the “run” folder of “John the Ripper”
Type cd desktop/john/run and press ↵ Enter.
Step 8. Enter the command “run”
Enter zip2john.exe name.zip > name.hash (replace “name” with the name of the ZIP file) and press ↵ Enter.
If the ZIP is called “hello”, type zip2john.exe hello.zip > hello.hash
Step 9. Choose the “hash” of the ZIP file
Enter type name.hash (replace “name” with the file name “hash”) and press ↵ Enter. You are now ready to try to figure out the password.
Step 10. Start password cracking
Type john.exe --pot=name.pot --wordlist=john/run/password.lst name.hash and press ↵ Enter. “John the Ripper” will start comparing the ZIP password with its password database.
- Replace "name" (in "name.pot" and in "name.hash" with the ZIP name)
- The file "password.lst" has a list of passwords and their permutations.
Step 11. Have the discovered password displayed
Once the password is guessed, the message “Session Complete” will appear at the bottom of the Prompt. Now, type type nome.pot (never forget to replace “name” with the folder name) and press ↵ Enter to see the password that will unprotect the ZIP file.
Part 3 of 3: Using Paid Programs
Step 1. Understand how this works
Most professional password cracking applications will allow them to be decoded only if they are less than a certain number of characters. However, to “guess” most of them, the user will have to buy the program.
On the positive side, paid apps generally have a handy interface and are easy to use
Step 2. Know what to look for
The program for "cracking" passwords should offer a trial period, as well as use brute force techniques to crack them.
Step 3. Download and install a professional password cracker
The programs below will have to be purchased after some time, but they are good and recommended:
- Advanced Archive Password Recovery.
- Zip Password Recovery Professional.
- ZipKey.
Step 4. Open the program after installing it
Double-click its icon on the desktop.
Step 5. Select the protected ZIP
Generally, you will need to go to “Browse”, “Open” or “Add” and find the desired item. Click “Open” or “Choose”.
Some “crackers” may give you the option to click and drag the ZIP into the program window
Step 6. Change the option to guess the password
Generally, “Brute Force” is the best alternative, but you can try “Dictionary” or some similar type to check a list of words similar to the one entered.
The “Dictionary” method is most effective when you know at least part of the password or phrase you were using, but not the exact characters or if they were uppercase or lowercase
Step 7. Start the ZIP password guessing process
Click “Start” or “Run” and wait for the attempt to find the password to finish. As stated earlier, this can take several days.
Step 8. Check the “cracked” password
When it is discovered, a notification will pop up in the program; use the password to open the ZIP file.
Tips
-
There are a few possible approaches to programs that discover passwords. For best results, it is necessary to try each one of them, which are:
- Dictionary Attack: Tests a list of words. It's much faster than the other options (if it works), but it has a high chance of going wrong, as not all passwords fall into this category.
- Brute force attack: try to guess all possible combinations. Only works for short passwords or fast processors.
- Mask brute force: If you remember anything about the password, you can tell the program before it brute force attacks. For example, this will work so you only try combinations that use letters, not numbers.
- In some cases, it is necessary to let the computer work without being used for several days for the password to be discovered.
Notices
- Copying or downloading licensed programs without paying for them (or without the owner's consent) is illegal.
- Applications to discover passwords can be used legally, but only to access files that you have permission.
- Brute force attacks can take a long time, depending on your processor speed. Some computers even crash due to the work the program requires from the processor after days of trying to figure out the password.