how hackers crack ZIP files password?!?!

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

know why you're here you want to know how to crack the file that you just gotten zip file format but you have no idea what's the password well you're here to learn just that I mean I know you I know what you're thinking we're all hackers or maybe I'm a hacker a script Katie whatever the case is I'll show you how to do just that [Music] but before we get started packing is illegal if you get caught hacking do not tell them you know who is Mr hack alive it's fine even if you tell them you know who's Mr hackaloy because I know some things about you that you don't even know no I'm just kidding I have no idea what's your home address I have no idea what's your name I have no idea your email or your password any of that I have no idea okay so first of all you have a Target file so this could be a file that you have perhaps downloaded from the internet you found some kind of file or someone send you an email or you go to the file system sharing photo whatever case is you manage to download the Fable when you open it up there is a password prompt and you have no idea what is the password in order to open up the file it's okay because the whole idea of today's tutorial is to learn about how to get that password without knowing the password and then after that we have two options here or option number one is where you are going to use what we call a boot Force attack so Brute Force attack is basically trying all possible combinations of characters symbols and so on so forth into to the Target password in order to break it open so it could be starting from a a and then a a b and so on so forth all the way until you have exhausted all those characters against the target fall sounds pretty easy isn't it it actually really is super simple to do the very first thing you want to do is to be able to create a zip file I mean without the zip fault what are you going to crack it's pretty obvious isn't it so the first thing you can do is I can do a right click on a Windows computer I click on a new and then I can of course select say types document and let's call this password.txt and let's go ahead and open this up so in password this is going to be my really secure notepad file all right and what happens here is that this allows us to store all of our passwords which is again a fantastic way of saving and knowing what passwords you have and of course one of those simple passwords I have is hacker Loy is very handsome okay so this is a super important file that we're going to save right now that I've saved it I go in and close it once you close it the next thing you can do now is do it right click right go to use a software like say 7 0 and click add to Archive and from add to Archive select under archive format zip and then right here we have something very important called encryption this is the place where you're going to set the pattern and I will not tell you what is the password in order to open this follow-up so we will be using the cracking tools to help us do just that so let me go ahead and enter the password here okay so you have no idea what is a password and neither will I tell you what is the password until we cracked it so that makes it more mysterious go ahead and click ok okay so once you have that done you can see right here on the bottom left password dot zip this is the file that we are targeting and of course if you're in Linux what you can do now is you can go ahead and say create a file so I can do a touch secure password.txt for example okay and of course I can do mouse pad secure password.txt and open it up enter of course the hacker alloy is very handsome and finally to create this super simple password protected zip file all you have to do is add a pseudo zip enter the password in this case I'll enter one two three four five six seven eight secure password.zam securepassword.txt hit enter on that all right enter your super user do okay that's it done all right now we have managed the password protect our ZIP file next up what we can do here is to go ahead and Target the machine all right from here what we will do is we'll exploit a vulnerability onto the target system or computer or phone or whatever the case is or someone sending a file you manage to get a file from a system from a file directory whatever cases this is something much more cool because we are hackers right so we want to do something more exciting that looks super cool like yeah this guy's a hacker even though it is much easier way to do it so what I can do here is I can say search Eternal all right and I can say use one which is exploit Windows SMB all right ms010ps exec all right so go ahead and use that and what I can do next now is I can set the payload set payload windows x64 or I followed by meter Prater right followed by says reverse underscore HTTP hit enter on that enter show options so you want to set the L host so in this case we have set L hose which is the IP address of The Listener so this is the colonics IP address hit enter on that okay you can enter ifconfig to figure out what this IP address is using next up you enter in the r host so our host is for the Target IP address you're going after so in this case when one two one six eight dot zero to 197 and you'll be saying okay how can I know the IP addresses of all these different devices within the network so the top left corner under information gathering you can use tools like Live host identification or even Network import scanners to help you scan across the network trying to figure out what are those devices that are available for you to Target against and once you're ready go ahead and hit enter on that and next up all you're going to do is enter explore in three two one hit enter and boom you can see right here we have the following okay we have now opened up the session and of course I can enter help and we can see that we are in okay we are literally having full limit control of the entire computer and what we can do next is to go ahead and see the over into the users all right of course here we can enter our last and we can see the list of all those different folders We can access into right now we can see the over in users CD over into loyalum here all right and of course we're targeting the desktop the reason we're targeting the desktop because this is typically the place we have all of those different types of files especially dot zip files which could be password protected or even better to do not password protected at all and once we're here we can enter LS to look at the file that we want to Target so in this case we can look at the password.zip file here that we want to go after and what we can do now is go ahead and enter download password.zip hit enter on that and you can see right here we have already downloaded it doing my previous exploit and has been now skip because it's the same file so right here we have the following instructions okay so we have F crack and after which we're using the Brute Force attack the character set and the option that we're using and then for ball so that we know what's going on and finally to use unzip with the target file okay once you're ready go ahead and hit enter on that and you can see right here we're starting the Brute Force attack against the target file so we can see here checking password and so on so we can see the different tries the different characters that we can use while we're at it what we can do now is go ahead and use the second option to specify a password file that we can use to Target against the password protected zip file so in this case we have dictionary password default that we're using in this case it's in USR share with list common password.txt again it could be rockview.txt whichever that you want to use or possibly if you're targeting against a specific company or business perhaps they have all those passwords that are Exposed on the internet because of certain data breaches and in that case you could possibly use that too so now we're set have used unset and a followed by the Target fault so which one do you think will be faster once you're ready go ahead hit enter on that and boom that's it you can see right here we found the password and right here we have the password.zip file and all we get to do now is double click on it and click on to extract okay and we can save it wherever we want to so in this case just drop it in the same directory or whatever click extract and now it asks for your password and of course we already know the password go ahead and enter that click OK and boom that's it done we can see a new file that has been created right now and all we're going to do is just go ahead and open up the file right so that file is password.txt we can look for it right here this is the one double clicked on it hackerloy is very handsome okay and that's it I hope you learned something valuable and the best thing to do right now is to set all of your passwords to hackaloy is very handsome

Info

Channel: Loi Liang Yang

Views: 91,467

Rating: undefined out of 5

Keywords: hacker, hacking, cracker, cracking, kali linux, kali, metasploit, ethical hacking, ethical hacker, penetration testing, penetration tester, owasp, zip

Id: f4CaVCHN280

Channel Id: undefined

Length: 8min 11sec (491 seconds)

Published: Sat Jan 21 2023