Zip-archivers (pkzip, WinZip versions up to 8.0) use their proprietary encryption algorithm which is not strong. This causes two practical vulnerabilities. Firstly, it's always possible to implement a plain-text attack (one unencrypted file from the archive needed). Secondly, if the archive was created with WinZip or Infozip and contains 5 or more files, then it is possible to decrypt the archive with guarantee regardless of password length and complexity. Both attacks take just couple hours on the modern computer.
In the latest WinZip versions there is an option that allows using strong AES algorithm. In this case the said attacks are unapplicable and only brute-force can be used for Zip password recovery.
File extensions: zip ZIP crypto algorithms: Propietary (up to WinZip 8.0), AES ZIP encryption weakness: Human factor, weak algorithm Possible attacks against ZIP: brute-force (exhaustive key search if WinZip)/ known-plaintext Attacks complexity: 288(236 if WinZip)/ 238
How can I recover ZIP password? use known-plaintext attack if you've got unencrypted file from archive, use guaranteed recovery if you've got WinZip archive with at least 5 files
Description: Advanced Archive Password Recovery recovers passwords and removes protection from ZIP and RAR archives created with all versions of PKZip, WinZip, RAR and WinRAR in their GUI and command-line incarnations. Being a flexible, customizable and highly-optimized password recovery tool, it offers best-in-class performance for recovering the most complex passwords. Guaranteed recovery is often possible for many ZIP archives in less than one hour.
Description: Zip Password Recovery Master helps to recover lost passwords for ZIP archives. It supports a number of exclusive attacks to beat zip passwords. The use of undocumented features of ZIP files provide you with a great time reduction while searching the password.
Description: The Ultimate ZIP Cracker is designed for recovering the lost passwords for several file types: MS-Word and MS-Excel documents; ZIP, RAR and ARJ archives.
The program is highly optimized for speed.
Description: Really quick search of lost ZIP passwords (.zip and .zipx files). Supports various types of encryption: ZIP/Classic and WinZip AES. Striking code optimization for Intel and AMD processors. Uses GPU computing - works applying ATI and NVIDIA video cards. The rate of searching is 60 times higher! Easy-to-use for novice users - there is an automatic searching according to preset scenarios. Has different options for professionals.
Description: Parallel ZIP Password recovery is an utility to recover ZIP/WinZIP/PkZip passwords. Local version support can use up to 8 cores/GPUs, distributed versions can be run on TCP/IP networks. Special password definition language supports all well-known standard attacks (such as brute force, dictionary, misspelled password recovery etc) and also allows users to make their own attack types. Supports all ZIP archive types and has high recovery rate.
login
