fcrackzip.txt

解加密的zip文件的密码的程序

FCRACKZIP(1)                                         FCRACKZIP(1)


NNAAMMEE
       _f_c_r_a_c_k_z_i_p - a Free/Fast Zip Password Cracker

SSYYNNOOPPSSIISS
       ffccrraacckkzziipp  [-bDBchVvplum2]  [--brute-force] [--dictionary]
       [--benchmark] [--charset characterset]  [--help]  [--vali-
       date]  [--verbose] [--init-password string/path] [--length
       min-max]  [--use-unzip]  [--method  name]  [--modulo  r/m]
       file...

DDEESSCCRRIIPPTTIIOONN
       _f_c_r_a_c_k_z_i_p  searches each zipfile given for encrypted files
       and tries  to  guess  the  password.  All  files  must  be
       encrypted  with the same password, the more files you pro-
       vide, the better.

   OOPPTTIIOONNSS
       --hh,, ----hheellpp
              Prints the  version  number  and  (hopefully)  some
              helpful insights.

       --vv,, ----vveerrbboossee
              Each -v makes the program more verbose.

       --bb,, ----bbrruuttee--ffoorrccee
              Select  brute  force  mode. This tries all possible
              combinations of the letters you specify.

       --DD,, ----ddiiccttiioonnaarryy
              Select dictionary mode.  In  this  mode,  fcrackzip
              will read passwords from a file, which must contain
              one password per line and should be  alphabetically
              sorted (e.g. using ssoorrtt((11))).

       --cc,, ----cchhaarrsseett cchhaarraacctteerrsseett--ssppeecciiffiiccaattiioonn
              Select  the characters to use in brute-force crack-
              ing. Must be one of

                a   include all lowercase characters [a-z]
                A   include all uppercase characters [A-Z]
                1   include the digits [0-9]
                !   include [!:$%&/()=?{[]}+*~#]
                :   the following characters upto the end of the spe-
                    cification string are included in the character set.
                    This way you can include any character except binary
                    null (at least under unix).

              For example, a1:$%  selects  lowercase  characters,
              digits and the dollar and percent signs.

       --pp,, ----iinniitt--ppaasssswwoorrdd ssttrriinngg
              Set  initial  (starting)  password  for brute-force
              searching to _s_t_r_i_n_g, or use the file with the  name
              _s_t_r_i_n_g   to   supply   passwords   for   dictionary



                  Free/Fast Zip Password Cracker                1





FCRACKZIP(1)                                         FCRACKZIP(1)


              searching.

       --ll,, ----lleennggtthh mmiinn[[--mmaaxx]]
              Use an initial password of length  min,  and  check
              all passwords upto passwords of length max (includ-
              ing). You can omit the max parameter.

       --uu,, ----uussee--uunnzziipp
              Try to decompress the first file by  calling  unzip
              with  the  guessed  password.  This weeds out false
              positives when not enough files have been given.

       --mm,, ----mmeetthhoodd nnaammee
              Use method number "name"  instead  of  the  default
              cracking  method.  The  switch  ----hheellpp will print a
              list of available methods. Use ----bbeenncchhmmaarrkk  to  see
              which method does perform best on your machine. The
              nnaammee can also be the number of the method to use.

       --22,, ----mmoodduulloo rr//mm
              Calculate only r/m of the password.  Not  yet  sup-
              ported.

       --BB,, ----bbeenncchhmmaarrkk
              Make  a small benchmark, the output is nearly mean-
              ingless.

       --VV,, ----vvaalliiddaattee
              Make some basic checks wether the cracker works.

ZZIIPP PPAASSSSWWOORRDD BBAASSIICCSS
       Have you  ever  mis-typed  a  password  for  unzip?  Unzip
       reacted  pretty  fast  with  'incorrect password', _w_i_t_h_o_u_t
       decrypting the whole file. While the encryption  algorithm
       used by zip is relatively secure, PK made cracking easy by
       providing hooks for very fast password-checking,  directly
       in  the  zip  file.  Understanding these is crucial to zip
       password cracking:

       For each password that is tried, the first twelve bytes of
       the  file  are  decrypted. Depending on the version of zip
       used to encrypt the file (more on that later),  the  first
       ten  or  eleven  bytes  are random, followed by one or two
       bytes whose values are stored elsewhere in the  zip  file,
       i.e.  are known beforehand. If these last bytes don't have
       the correct (known)  value,  the  password  is  definitely
       wrong.  If  the  bytes  are correct, the password _m_i_g_h_t be
       correct, but the only method to find out is to  unzip  the
       file and compare the uncompressed length and crc's.

       Earlier  versions of pkzip (1.xx) (and, incidentally, many
       zip clones for other operating systems!) stored two  known
       bytes.  Thus  the  error  rate was roughly 1/2^16 = 0.01%.
       PKWARE  'improved'  (interesting   what   industry   calls



                  Free/Fast Zip Password Cracker                2





FCRACKZIP(1)                                         FCRACKZIP(1)


       improved)  the  security of their format by only including
       one byte, so the possibility of  false  passwords  is  now
       raised  to  0.4%.  Unfortunately,  there is no real way to
       distinguish one byte from two byte formats, so we have  to
       be conservative.

BBRRUUTTEE FFOORRCCEE MMOODDEE
       By default, brute force starts at the given starting pass-
       word, and successively tries all combinations  until  they
       are  exhausted,  printing  all  passwords that it detects,
       together with a rough correctness indicator.

       The starting password given by the  _-_p  switch  determines
       the  length.   fcrackzip  will  not currently increase the
       password length automatically, unless  the  _-_l  switch  is
       used.

DDIICCTTIIOONNAARRYY MMOODDEE
       This  mode  is similar to brute force mode, but instead of
       generating passwords using a given set of characters and a
       length,  the  passwords  will be read from a file that you
       have to specify using the _-_p switch.

CCPP MMAASSKK
       A CP mask is a method to obscure images or parts of images
       using  a  password.  These obscured images can be restored
       even when saved as JPEG files. In most of these files  the
       password  is  actually  hidden  and  can be decoded easily
       (using one of the many available viewer and  masking  pro-
       grams,  e.g.  xv).  If you convert the image the password,
       however, is lost. The ccppmmaasskk crack method can be  used  to
       brute-force these images. Instead of a zip file you supply
       the obscured part (and nothing else) of the image  in  the
       PPPPMM-Image  Format  (xxvv  and  other  viewers  can easily do
       this).

       The ccppmmaasskk method can only cope with password composed  of
       uppercase letters, so be sure to supply the ----cchhaarrsseett AA or
       equivalent option, together with a suitable initialization
       password.

EEXXAAMMPPLLEESS
       ffccrraacckkzziipp --cc aa --pp aaaaaaaaaaaa ssaammppllee..zziipp
              checks  the  encrypted  files in sample.zip for all
              lowercase 6 character passwords (aaaaaa ...  abaaba
              ... ghfgrg ... zzzzzz).

       ffccrraacckkzziipp ----mmeetthhoodd ccppmmaasskk ----cchhaarrsseett AA ----iinniitt AAAAAAAA tteesstt..ppppmm
              checks the obscured image  tteesstt..ppppmm  for  all  four
              character  passwords.   -TP  ffccrraacckkzziipp  --DD --pp ppaassss--
              wwoorrddss..ttxxtt  ssaammppllee..zziipp  check  for  every   password
              listed in the file ppaasssswwoorrddss..ttxxtt.





                  Free/Fast Zip Password Cracker                3





FCRACKZIP(1)                                         FCRACKZIP(1)


PPEERRFFOORRMMAANNCCEE
       _f_z_c,  which  seems  to  be  widely used as a fast password
       cracker, claims to make 204570 checks  per  second  on  my
       machine (measured under plain dos w/o memory manager).

       _f_c_r_a_c_k_z_i_p,  being written in C and not in assembler, natu-
       rally is slower. Measured on a slightly loaded unix  (same
       machine),  it's  12  percent slower (the compiler used was
       _p_g_c_c, from hhttttpp::////wwwwww..ggcccc..mmll..oorrgg//).

       To remedy this a bit,  I  converted  small  parts  of  the
       encryption core to x86 assembler (it will still compile on
       non x86 machines), and now it's about 4-12 percent  faster
       than  _f_z_c  (again,  the _f_c_r_a_c_k_z_i_p performance was measured
       under a multitasking os,  so  there  are  inevitably  some
       meaurement  errors), so there shouldn't be a tempting rea-
       son to switch to other programs.

       Further improvements are definitely possible: _f_z_c  took  4
       years  to  get  into  shape,  while  fcrackzip  was hacked
       together in under 10 hours. And not to forget you have the
       source,  while  other programs (like _f_z_c), even come as an
       _e_n_c_r_y_p_t_e_d _._e_x_e file (maybe because their  programmers  are
       afraid  of  other people could having a look at their lack
       of programming skills?  nobody knows...)

RRAATTIIOONNAALLEE
       The reason I wrote _f_c_r_a_c_k_z_i_p was NNOOTT to have  the  fastest
       zip  cracker  available,  but  to provide a _p_o_r_t_a_b_l_e, _f_r_e_e
       (thus _e_x_t_e_n_s_i_b_l_e), but still _f_a_s_t zip password cracker.  I
       was   really  pissed  of  with  that  dumb,  nonextendable
       zipcrackers that were either slow, were  too  limited,  or
       wouldn't run in the background (say, under unix). (And you
       can't run them on your superfast 600Mhz Alpha).

BBUUGGSS
       No automatic unzip checking.

       Stop/resume facility is missing.

       Should be able to distinguish between files  with  16  bit
       stored CRC's and 8 bit stored CRC's.

       The benchmark does not work on all systems.

       It's still early alpha.

       Method "cpmask" only accepts ppms.

       Could be faster.

AAUUTTHHOORR
       _f_c_r_a_c_k_z_i_p  was written by Marc Lehmann <pcg@goof.com>. The
       main         _f_c_r_a_c_k_z_i_p         page         is          at



                  Free/Fast Zip Password Cracker                4





FCRACKZIP(1)                                         FCRACKZIP(1)


       hhttttpp::////wwwwww..ggooooff..ccoomm//ppccgg//mmaarrcc//ffccrraacckkzziipp..hhttmmll)
























































                  Free/Fast Zip Password Cracker                5