saynr2024 10 Crack Passwore-Protected ZIP Fes, POF & More with Zyara « Null Byte WonderHowTo Crack Password-Protected ZIP Files, PDFs & More with Zydra ByDRO_ © BAM Coats) PASSWORD CRACKING] [CYBER WEAPONS LAB wverybody knows not to store sensitive information in unencrypted files, right? PDFs and ZIP files can often contain a treasure trove of information, such as network diagrams, IP addresses, and login credentials. Sometimes, even certain files that are encrypted aren't safe from attackers. That's where Zydra comes in — a tool for cracking RAR files, ZIP files, PDF files, and Linux shadow files. How Are These Files Encrypted? Depending on the program used and its version, these sorts of files could be passw using various encryption algorithms. For example, the Linux command line zip utility uses the older PKZIP algorithm, which is insecure and easy to ‘, Other programs, like WinZip and 7-Zip, use strong AES-256 encryption. Earlier versions of the RAR protocol use a proprietary encryption algorithm, while newer versions use htpssnul-byte.wonderhowto.comnow-tolrack-password-protected.zip-fles-pals-moro-withzydra 0207607! ane‘azo How to Crack Passwort Protected 21 Fes, PDFs & Mor with Zia « Nu Bye WorderHow To To begin, we need to download Zydra from —use the wget utility to grab the right from the command line: Se ees eee Sean a UL LAT YE oy PLC CR CES er eee ee SUM LS Lar VLE a ee Coco MU arrest eens Sop scni trace eee SCM ECM CSET eas Uae e scart POUCA Sen eases ECree Te PELTED aes ts eed Rese ee OM ecerg/ stro EAC en Pare Bro POLO CE er REALE Next, and this step is completely optional, let's rename the script making it entirely lowercase. If you're lazy like me, it's just one less key to press: RAL ESC) We also need to install some dependencies for Zydra to work properly — it uses , so we can use pip3 to install the extra module: SO SCE eC emer seCM stata) SCC eet Peerttirariasets eesercrec ny Ce ees er errs CesT Ce ee NILE eter rc) CORE) Collecting py-term Perec erua ec Aes aCe) Cerra oe Camco Cae eee ee eC) Building wheel for rarfile (setup.py) ... doni ee oe mee ceCre eC a este ee mn MSEC LURE aL eee Ura ee ee ese me Sy eee LYLE eet iat yy eter) Building wheel for py-term (setup.py) ... dont eee oe oe ee CS eee eee eee UNC race ees Metso Sey YL EYELISEEL CECE LTTE TELTeD Bere uemirite essa cn) pun Srbe Or oe Cet Ieee oe eC Eres melee cs Rm Mast Ceee Now we should be ready to run Zydra using the pythong command: hitpssnul-byte,wonderhowto.comMnow-tolrack-password-protected-zip-fles-pals-more-withzydra 0207607! aneHow to Crack Password-Protected ZIP Files, POFs & More with Zydra « Null Bye : WorderHowTo eeu merrsurt aaa) TCL ems Cum cu Bete Ce ree ae meses Come CT etes CRS Ce ee ee eeaee CMe RC ms) ee mC Les ae aca Evryee SCT RS Stree eC ees cr re SU Land ee a nee as ew ool cee Sra stasis C ee Cree NT Sarl perth eee) Peyote arse acts Oh seers AS ane Dea Peers Sass SCC stccat tse se Lace e DUOC ae ease Re oa steer era) Te a eee eC ee Ce Ca etc) This gives us a nice little banner, a usage example, and some information about some of the options available, It also gives us an error stating it needs a file, and tells us to use help for more info; this will give us more details and options: Serer eens eee eersore Coed hitpssnul-byte wonderJo Crack Password-Protected ZIP Fes, POFS & More with Zyara « Null Byte WondetHowTo Usage: zydra.py [options] [args] Coste Ce eee meass Come Cn bees CORRS Ce re ee aese Ce ms) ee mC ee eae cy ECCS ee SCA To Stree a eC esc iee cr re SU Land a ee a nee ase ool cc Le Lcd Pstsst USCC ae NT Sarl errs tSe e SEee Ty punctuation characters !#$%8'()*+,-./:5<=>?@[\]°_{1}~"" Peers Senos SCs teat pts seas cacao BUC ae ease Re oa sce ea) Cece a SCR CRC R ce ests i cag s ee ests Ce Casta iage sels -f FILE cematstm a eet Ser Cas eee aeons 4 Pn es ee esc Cars ame es Baie me ste Cet Cy eae Before we can run Zydra, we will need some files to test it out on, I have created a RAR file, ZIP file, and PDF file that you can download and use to follow along. The password for all three of is "password!" as you'll soon find out. There is also a shadow file you can download, wh from the Metasploitable virtual machine. + Download: all test files | rar test| zip test | .pdf test | shadow test Well also need a suitable wordlist. Since our password for these files is pretty simple, we'll use a minimal list for demonstration purposes — this one from the SecLists GitHub repo will work: Ba ca es See eee aC Ces Ca eee cee eo CE CRC Hemet eee se cee soe eestay rece eey ey] Pomona Uraeer est erecta Cre rath tas tats) ee re SS EERE CSRs Connecting to raw.githubusercontent.com (raw.githubusercontent .com)|151.101.0.133|:443. oe sar ee eee eee VU RRC Cae oue SU Rsca Cees SC Ree CL i 2020-07-15 19:08:05 (3.10 MB/s) - ‘darkweb2017-topie.txt’ saved [81/81] htpssnul-byte wonde smore-wir-zysra-0207sarveoas How to Crack Passwort Protected ZIP Fes, PFs & More wih Zyrm« Nu Byte: WonderowTo AES, WinRAR and PeaZip, popular choices that can deal with RAR files, also use the AES standard. + Don't Miss: Crack Shadow Hashes After Getting Root on a Linux System If you're using Linux, it's easy to create PDFs in LibreOffice by exporting regular word documents, and there's even an option to password protect the newly created file. Older versions of LibreOffice use the Blowfish algorithm to encrypt files, but versions 3.5 and up use AES, Other methods to create PDF files include Microsoft Office and Adobe Acrobat — Office versions 2007+ and Acrobat versions 7+ all support AES encryption. Linux shadow files themselves are not encrypted, but the passwords contained within them are. Encryption algorithms used for these can vary depending on the system, but MDs, SHA-S12, SHA- 256, Blowfish, and DES are all commonly used. How Hackers Use Zydra to Crack Password-Protected Files Download & Set Up Zydra htpsnul-byte,wonderhowto.comow-tolrack-password-protected.zip-fles-pdls-moro-withzydra 0207607! anesarna024 How to Crack Password-Protected ZIP Files, POFs & More with Zydra « Null Bye : WorderHowTo At this point, we are ready Cracking RAR Files Zydra can operate in two modes: and . In dictionary mode, we just need to supply a wordlist with the -d flag. We also need to specify the file we are trying to crack using the flag: Se LE Le ean See RCT sees od eeeaaaaaae: Ree Resse raaaaaaaaaa ces Start time ==> Wed Jul 15 19:@8:15 2020 See a ee eeu OMe Lees [*] Count of possible passwords: 10 CEE eee Luau Cea Cee rey Cer reeeey ot) Once it starts, it gives us the possible password count (basically, how many lines there are in the wordlist) and a progress bar. It doesn't take long before it finds the password and tells us what it is For brute force mode, we need to set a few more options. We still specify the file to crack, but now we can use the -b flag to set the character types to use for brute forcing. The minimum and maximum length of the password can also be set now, using the -m and -x flags, respectively: ST Nea a ae as) hitpsnul-byte.wonderhowto.comMow-tolrack-password-protected-zip-fles-pals-moro-witzydra-0207607/ ezsarna024 How to Crack Password-Protected ZIP Files, POFs & More with Zydra « Null Bye : WorderHowTo Start time ==> Wed Jul 15 19: Soeur Re cuece Reet a esc ee can’ As you can see, the number of potential passwords is quite large, so while this feature can be useful in certain cases, most of the time it is wise to use the dictionary mode. Now that we have the password, we can extract the contents of the RAR file with the following command: Pee ae Tee ee ec oS Te ORC ECW VCC UL CrLLTy Crest i eee Care Cera a ac) Ces Cracking ZIP Files Cracking ZIP files works pretty much the same way — we'll only use dictionary mode from here on out since it is way more efficient. Just specify the file to crack and wordlist to use: SET a mea ee ete on ec eosd hitpsnul-byte,wonderhowto.comow-tolerack-password-protected-zp-fles-pafs-more-wit-zydra-0207607 meHow to Crack Password-Protected ZIP Files, POFs & More with Zydra « Null Bye : WorderHowTo a] CO eee sUse cea) Start time ==> Wed Jul 15 19:09:45 2020 Soeur er Ret su eC ei est es eRe es CEE rere CTE eee nt eS eee eure Ts End time ==> Wed Jul 15 19:10:18 2020 eaisCi es Cee Tce ett} We can see it found the password again with no issues. contents of the ZIP archive, use the unzip command: ~$ unzip nb-zip.zip Poe est eesey cieat esc ecu Ceca ee rti Cracking PDF Files For Zydra to work with PDF files, we need to install a program called qpdf first: Se eeu ag Cora ete cee Eitan ramsasy Peru ett eee Sree Ope Uret st tise rt oy emer m ee eC) peer r) SeeObeet an i cere ete et peters © upgraded, 2 newly installed, @ to renove and 568 not upgraded Ree eo eee seers ae reae ters ea eer cc eae eee a PCs n/t Case ss yore cot Porm eee er Uc ec ee MCLE y Get:2 http://kali.download/kali kali-rolling/main and64 qpdf andé4 10.0.1-2 [537 kB hitpssnul-byte wonderHow to Crack Password-Protected ZIP Files, POFs & More with Zydra « Null Bye : WorderHowTo eee ener nyo) Petes ta aae Cro Stee Rc me ets (Co Cc Ce ere eC race a sme c SCE Cee UR Caer eC eee nes Ue eUreet arte et eto) Pots uaa Cre Matus Catt SUR eee ae ee at) Unpacking qpdf (1@.@.1-2) . Paseurat etre iru eC eo ae peas aU eC eee) Processing triggers for libc-bin (2.30-4) Processing triggers for man-db (2.9.1-1) Cees Unie ee Can CoEeL CTT eae) ee mn crack the PDF by providing the file and wordlist to u eT Le ean eer Se ae Cuore Caos Ce Sy Author : Hamed Hosseini Co oe} Start time ==> Wed Jul 15 19:10:38 2020 See ae Ree cU e Cae ea ee Ca Le [*] Count of possible passwords: 10 Dee eee Coenen ee eS once omit con ss metre Coa sme End time ==> Wed Jul 15 19:10:55 2020 ecteC est eeec rc ecret ey) ‘Again, we can see it found the password, but this time there is an additional dialogue. This is simply telling us the file is a decrypted version of the original, which we can verify with the file command: Reo mee Cy Cece RC eo eC eed htpssinul-byte.wondernowsarna024 How to Crack Password-Protected ZIP Files, POFs & More with Zydra « Null Bye : WorderHowTo Cracking Shadow Files Zydra will automatically attempt to crack the for any users found in Linux shadow files. While it's not always successful, this can be a good method to try out first since it is quick and easy. All we need to do is specify the file with the -f flag and the wordlist with the -d flag: Se ea Cece Sc aac aneeaaaaaaaaag eee Feecemmenmeaeaeeet Start time ==> Wed Jul 15 19:11:03 Soeur Reet su eC a ee ena OCs [**] cracking Password for: root eee ee ee [-] password not found eee R sue) ieee eeu 2 klog ieee seu err) ieee ssa aerate ieee ssa fey lease aeastc Cesc CC ISttE eo esc es Cee rei We can see it finds several users, but since we are only using a simple wordlist, it fails to find the password for any of them. Like any other cracking tool, using a more extensive wordlist will increase your chances of successfully |, but it will also take longer. htpsnul-byte,wonderhowto.comow-tolrack-password-protected.zip-fles-pdls-moro-withzydra 0207607! sonesarnre024 How to Crack Password-Protected ZIP Files, POFs & More with Zydra « Null Bye : WorderHowTo Wrapping Up In this tutorial, we explored a tool called Zydra and how it can be used to crack password- protected RAR files, ZIP files, PDF files, and Linux shadow files. While we cracked these with little to no difficulty, using strong passwords will greatly increase the time and effort it takes to do so. Don't Miss: How to Crack SSH Private Key Passwords with John the Ripper Want to start making money as a white hat hacker? jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals. Buy Now (90% off) > Our Best Hacking & Security Guides New Null Byte posts — delivered straight to your inbox. Your Email ©& SUBSCRIBE NOW About U: Don't Miss 4 STB Pree erates htpssnul-byte.wondernowto.comMow-tolrack-password-protected-zip-fles-pals-more-witzydra-0207607/sarnr2024 How to Crack Password-Protected ZIP Fes, POF & More with Zydra « Null Byte es ene S 14 Improves Siri on Your iPhone Ore aCe os tS uEOar) Eons sear) Se OS ECR Ce. a: OOP Te teu earn do not sell personal information to 3rd parties htpsnul-byte,wonderhowto.comow-tolrack-password-protected.zip-fles-pdls-moro-withzydra 0207607! WondertiowTo rate