How hackers crack password protected ZIP files

As a Software Engineer, I can say stand that this is what I call a basic brute force for a Zip File.

iota

By the power of exponents its simply better to have a longer password than it is to have a more complicated one, that is why I always suggest pass phrases over passwords. Pass phrases are easier to remember and don't require special characters. Of course if you are restricted to shorter but more complicated passwords, you SOL lol.

TizzyT

This is a very educational video, for education talk purposes! That being said, this will be fun to *demonstrate* to my friends :)

blackhole

Raj woke up and said to himself hey lets make a video on ancient old cracking technique.

gigachadkartik

Zip files are literally the fastest stuff to crack if you are bored

InnerEagle

I have a zip file, that I had password protected about 2 decades ago (and forgotten the password in the meantime). Thanks to this video, I brute-force cracked it with my RTX 3090 in about 14 minutes! The password was 4 lowercase letters and 4 numbers. Thank you :)

technoshamanarchist

Thankfully I use a password manager. I actually started to use a password manager because I couldn't remember all my passwords. I have now changed all my passwords to passwords generated by my password manager, which are all strong. Of course there are a few websites that just force me to have a shorter password than 26 characters, which I really hate.

ego-lay_atman-bay

Finally,
I can extract password protected cracks that the provider did not give me

مستخدم.جديد

What is shown in the end of the video as a "strong" password is not really strong. There are just lowercase letters, uppercase letters, numbers and a few common special characters. In total, thats probably less than 100 different character posibilities. And the password is just 14 characters long. So you have 100^14 possible combinations. Which seems like a lot, but then again, the algorithms are really fast.

Now imagine a password like
"Oh my Gosh I'd L0VE to eat a chocolate bar ryght now.". That's 52 characters, easy to remember and because of the spelling mistake in "right", dictionary attacks will fail. The long password would be much harder to crack by a brute force attack.

shadymedic

You have totally encouraged me to pursue the life of criminal hacker. You are the best. I subbed for more tips on how to be successful at crime!

bitlong

Brute force is effective, if you have time to wait.

mastuart

Given the age of the zip format, it's surprising that cryptanalysis has not found a way to speed this up and in 2023 our best method is still plain brute force

caiocc

Yeh, thanks for educational purpose 😂

RajeshNikam

It's all about ZIP files that were invented 30 years ago. What about RAR or 7Z file formats? 🤨

xF

I remember needing this video like 7-8 years ago

hamzazain

Thank you now i can get into my friends "homework folder"
He says There is somethkng bad inside idk whats bad about homework

gonzotrash

what you do if trying the zip2hjohn to obtained the hash but it said file is not encrypted, but the zip have password

harithjamadi

Hey dude, are you the indian in catching scammers video by jim ?!

amircool

Oh, so that explains why I got my Steam account hacked on 4/20/2023. My Steam account wasn’t fully recovered until 4/23/2023. I’m sure a good handful of people who played games through Steam got their accounts hacked at least once tbh.

X-JAKA

Chances are, a layman has no idea what a hash is.
By the way, what does it mean to convert a zip file into a hash?
I have no idea how zip files are encrypted using a password and what the format of the hash value stored in the file is.
I cannot reproduce what you did.

aouerfelli