Thursday, January 10, 2013

Backtrack Forensics: fcrackzip

Menu: Forensics -> Password Forensics Tools
Directory: /usr/local/bin/fcrackzip

For me this is more of an offensive tool, but no doubt it can be useful in forensic investigations. fcrackzip is a simple ZIP password cracker that runs in either brute-force mode or dictionary mode, where we supply a list of candidate passwords. In brute-force mode we can specify the password length, the character classes to try, and an initial string to start from.

A few examples:

fcrackzip -b -l 1 -c 'aA1' /root/Desktop/ - brute-force mode, password length 1, characters can be lowercase or uppercase letters and numbers
fcrackzip -b -l 1 -c 'aA1' -u /root/Desktop/ - same as above, additionally using unzip to verify the password
fcrackzip -D -u -v /root/Desktop/ -p password.txt - dictionary mode with detailed output
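
A triage step an examiner can run before spending time on password recovery: read the archive's central directory and report which entries are flagged as encrypted and with which scheme. This is an added example, not part of the original post or of fcrackzip; the names triage and build_sample are hypothetical, and the sample archive is constructed in memory with patched header flags rather than real encrypted data.

```python
import io
import struct
import zipfile

AES_METHOD = 99  # WinZip AES entries record 99 as the compression method

def triage(archive):
    """Return (name, scheme) per entry, using central-directory metadata only."""
    report = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            if not info.flag_bits & 0x1:         # bit 0 clear: not encrypted
                scheme = "none"
            elif info.compress_type == AES_METHOD:
                scheme = "winzip-aes"
            elif info.flag_bits & 0x40:          # bit 6: PKWARE strong encryption
                scheme = "pkware-strong"
            else:
                scheme = "zipcrypto"             # traditional PKWARE stream cipher
            report.append((info.filename, scheme))
    return report

def build_sample():
    """Constructed archive: three stored entries, two marked encrypted by patching flags."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in ("notes.txt", "legacy.doc", "aes.pdf"):
            zinfo = zipfile.ZipInfo(name, date_time=(2013, 1, 10, 0, 0, 0))
            zf.writestr(zinfo, b"constructed sample data")
    data = bytearray(buf.getvalue())
    # name -> (general purpose flags, compression method) to write into the record
    patches = {b"legacy.doc": (0x1, 0), b"aes.pdf": (0x1, AES_METHOD)}
    pos = data.find(b"PK\x01\x02")               # central directory file header
    while pos != -1:
        name_len = struct.unpack_from("<H", data, pos + 28)[0]
        name = bytes(data[pos + 46:pos + 46 + name_len])
        if name in patches:
            struct.pack_into("<HH", data, pos + 8, *patches[name])
        pos = data.find(b"PK\x01\x02", pos + 46)
    return io.BytesIO(bytes(data))

if __name__ == "__main__":
    for name, scheme in triage(build_sample()):
        print(f"{name}: {scheme}")
```

triage also accepts a path to an archive on disk, since it passes its argument straight to zipfile.ZipFile.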

Official website:
