We had to crack a password protected ZIP file, to discover that just few hours later, we would fly to Dubai for our NVISO team building event.
This inspired me to update my zipdump.py tool. This tool can handle password protected ZIP files. Using default password “infected”, or a password that can be provided with option -p.
In this new version, you can provide a list of password in a text file using option -P. Turns out that this simple dictionary attack just using Python is surprisingly quick (at least to me): 8000 passwords per second on an average machine.