We had to crack a password protected ZIP file, to discover that just few hours later, we would fly to Dubai for our NVISO team building event.
This inspired me to update my zipdump.py tool. This tool can handle password protected ZIP files. Using default password “infected”, or a password that can be provided with option -p.
In this new version, you can provide a list of password in a text file using option -P. Turns out that this simple dictionary attack just using Python is surprisingly quick (at least to me): 8000 passwords per second on an average machine.
zipdump_v0_0_6.zip (https)
MD5: B605DEABFC5458488B6487B1E9104085
SHA256: DDC2CE94D250CBDE62AD1EBE650654E4A50C51F97CADF412B16A553242819772
Article Link: https://blog.didierstevens.com/2017/05/11/crack-a-zip-password-and-fly-to-dubai/