frackzip is a handy little tool to crack zip files.
There are generally two approaches to cracking a zip file.
The first (quicker option) is to apply a wordlist for the tool to try. If it finds a match, it will open the file.
The second (longer) method is to brute-force the file, whereby the software simply keeps trying passwords until it hits the right one. Depending on the complexity of the password this could take a seriously long time.
If you have some idea of the contruction of the password, then you could use the crunch tool to generate a wordlist based on certain criteria.
For example, if you knew for certain that the password was 6-characters long, that it began with a capital letter, followed by 3 more letters in lower-case, and ends with 2 numbers, then you could create a word-list using the following:
root@kali:~# crunch 6 6 -t ,@@@%% -o mylist.txt
To break that down, the first two numbers (6 6) represent the minimum and maximum length of string to generate.
the -t option specifies the pattern type:
, represents an uppercase letter
@ represents a lowercase letter
% represents a number
^ (just for completeness, not used in my example) represents ASCII symbols.
the -o option is the name of the file you wish to generate.
This file would be around 300mb
You can massively reduce the file, if you know a bit more information. For example, lets say that we know that characters 2 & 3 are definitely “f” and “j” and we know the first number is definitely a 5.
We could adjust our crunch request as follows by adding in what we know:
root@kali:~# crunch 6 6 -t ,fj@5% -o mylist2.txt
this reduces the file size from 306mb to 47kb!
We can now use this file in fcrackzip to see if it works: