Cracking A Password Protected Zip File Using Kali Linux Hacking Tools

We often use zipped files to store large files due to its small size and strong encryption algorithm. The zipping utility also comes with a facility of password protection which maintains the security of the files. However, sometimes it so happens that this feature turns into a nightmare if we forget the password.

Hacking a password protected zip file can be done with many password cracker utilities available online. However, if you are a Kali Linux user, password cracking becomes that much more easy with an open-source tool called fcrackzip.

Fcrackzip is a fast password cracker partly written in assembler and available for Kali Linux. It is able to crack password-protected zip files with brute force or dictionary-based attacks allowing you to unzip files even with most hard passwords.

Go to Application> Kali Linux> Password Attacks> Offline Attacks> fcrackzip

kali linux fcrack zip
Open Terminal type fcrackzip –help.  This command will open fcrackzip with help options

Syntax – fcrackzip –u –c <your password character type>  –p <total digits> zip file path

Ex – fcrackzip –u –c 1 –p aaaaaaaa ‘/root/Desktop/’


The –u option, Try to decompress the first file by calling unzip with the guessed password. This weeds out false positives when not enough files have been given.

The –c option lets you select the character set, ‘1’ here means password also be numeric.

The -p option lets you select an initial string to start brute-force attack.

Note – as you can see the ‘aaaaaaaa’, if you will count this is total 8 digits for your password to be in 8 digits

Syntax – fcrackzip –u –c <your password character type>  -l <password digits range> zip file path

Ex – fcrackzip –u –c 1 –l 4-8 ‘/root/Desktop/’

In this example,  the Zip file has small (lower case) alphabet digits as a password. Here password is ‘abcdefgh’.  If your password has small alphabets characters and length of the password is 8 digits.

Syntax – fcrackzip –u –c <your password character type>  –p <total digits> zip file path

Ex – fcrackzip –u –c a –p aaaaaaaa ‘/root/Desktop/’

Here we are using ‘a’ after –c because our password has small (lower case) alphabet. If you have doubt that the password has a upper case alphabet than replace ‘a’ with capital ‘A’. If you think that your password has both upper and lower case than you can write ‘Aa’. Just like this if you doubt your password has lower case (a), Upper case (A), numeric (1). You have to write there ‘Aa1’.

Syntax – fcrackzip –u –D –p <dictionary file path> <zip file path>

Ex – fcrackzip –u –D –p ‘/root/Desktop/dic’ ‘/root/Desktop/

So finally we have an all-encompassing command for cracking the password-protected file which should look like this >

fcrackzip -b -c ‘aA1!’ -l 1-10 -u