ARCHIVE CRACK - PYTHON

A pretty basic script to crack an archive password by trying every line in a given text file (words.txt) as the password. The archive is encrypted with the password "passwordy".

WORD LIST

In this example the password is written into the list so success is guaranteed. If the password were not known then the world list would have to be pretty intelligent, or it would take a long time to find the correct result. Initially, words.txt was a list of 400k~ English words, but that wouldn't help with P@ssword, 123456 or passwordy. An intelligent word list would start with the most common passwords to reduce time. Going through permutations of the word "password" + a few characters could have it cracked pretty quickly.

with open("words.txt", "r") as the_text:
    for entry in the_text.readlines():
        password = entry.strip('\n')
        try:
            with zipfile.ZipFile('arch.zip', 'r') as zf:
                zf.extractall(pwd=password)
                print '[+] Found password = ' + password + '\n'
                exit(0)
        except:
            pass

SCRIPT

First, the script opens the file words.txt in read mode. Using 'with open' ensures that the file is closed properly afterwards.

	with open("words.txt", "r") as the_text:

Next, the script opens a for loop, so it will do the following action for every line in the textfile - take the line, strip the whitespace and assign it to the variable 'password'.

	for entry in the_text.readlines():
        password = entry.strip('\n')

Next it opens the zipfile and tries the password. If it is successful, it prints "+ Found password = password" and exits. If it is unsuccesful it tries the next line. The try and except is a good way to run through this cycle.

try:
    with zipfile.ZipFile('arch.zip', 'r') as zf:
        zf.extractall(pwd=password)
        print '[+] Found password = ' + password + '\n'
        exit(0)
except:
    pass

It's not perfect because it strips whitespaces. Any spaces in the password would be removed, so multiword passwords would not work. Python probably isn't the best language for this. It's pretty slow, and even a few hundred thousand words can take a minute to be cycled, but it's a great chance to demonstrate the value of a strategic word list.