Menu
how to unzip a password protected file using dotnetzip or sharpziplib (if the password is not known).
735
GPL-3 zip password-cracking code: http://oldhome.schmorp.de/marc/fcrackzip.html
Using the Ubuntu-supplied packages, it took my machine 19 seconds to crack the password of the supplied sample .zip file (as described in the README).
131
Passwords in the zip file format are applied to the compressed file entry data. This means that there is not a single password for a zip file. There are N zip entries in a zip file, and each one can have a distinct password, or no password at all. Sometimes you get zipfiles that use the same password for all entries, but this is not required by the specification, nor is it forced by DotNetZip.
Using DotNetZip, you can implicitly read the "central directory" of the zip file to get the list of files (or entries) in the zip file, without using any password. Once again, remember the password applies to the zip entry, not to the zip file itself.
So, something like this:
using (var zip = ZipFile.Read("myzip.zip")) {
foreach (var e in zip.Entries) {
System.Console.WriteLine("Entry: {0}", e.FileName);
}
}
... will print out the list of the names of the entries in a zip file, whether or not any of the entries are protected by a password.
If you want to try to "crack" the password for a password-protected entry, you can repeatedly call ZipEntry.ExtractWithPassword(password). It will throw an exception for an incorrect password.
I think if you were serious about cracking a zip, you'd do it in C or C++, using a much smarter algorithm.
42
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
