How to get your zip’s password which you forgot ?

this is based on windows

Sometimes you may forget the password of your file, and you may need to brute force it

Since brute force cracking, it is best to use the GPU’s computing power tool

Supports almost all public formats of encryption algorithms. Of course, since it is brute force, the speed is not fast.


John the Ripper

Use the tools in John the Ripper to get the hash, and then use hashcat to crack it.

Take the zip file as an example:

the zip file’s name is

Use john software to get the hash of the file (other types of files need to find the corresponding, such as rar should use rar2john.exe)

The command line interface is similar to following:

john-1.9.0-jumbo-1-win64\run> zip2john.exe C:\Users\your username\Downloads\

Get something similar to

ver 2.0 PKZIP Encr: cmplen=32479781, decmplen=33117655, crc=75D6287
ver 2.0 PKZIP Encr: cmplen=20, decmplen=8, crc=50FE386B$pkzip2$2*1*1*0*8*24*075d*0583*e66dc60ce74f030d6f2d728f935371a65ed330e47733e8d8f5502d4e6e249956d0f8222d*2*0*14*8*50fe386b*1ef9a48*2a*0*14*50fe*029c*96c9ccc46ba49b9b924a36e7036567cb460303e0*$/pkzip2$, p.jpg:C:\Users...

Among them :


is the hash we want

Then use hashcat software, The command line interface is similar to

D:\Program Files\hashcat-6.2.4>  hashcat.exe -a 3 -m 17225 $pkzip2$2*1*1*0*8*24*075d*0583*e66dc60ce74f030d6f2d728f935371a65ed330e47733e8d8f5502d4e6e249956d0f8222d*2*0*14*8*50fe386b*1ef9a48*2a*0*14*50fe*029c*96c9ccc46ba49b9b924a36e7036567cb460303e0*$/pkzip2$ --increment --increment-max=9

Among them,

-a 3 represents the specified crack mode as exhaustive mode,

-m specifies the file type as 17225 because here is $pkzip2$,

–increment represents the automatic increase of digits

–increment-max=9 represents the maximum to 9 digits.

Specific parameters can be based on needs, as well as setting information such as masks, etc., from the following,

Just wait for execution, and finally get something like


Session..........: hashcat
Status...........: Cracked
Hash.Mode........: 17225 (PKZIP (Mixed Multi-File))
Hash.Target......: $pkzip2$2*1*1*0*8*24*075d*0583*e66dc60ce74f030d6f2d...kzip2$
Time.Started.....: Thu Sep 30 10:19:12 2021 (7 mins, 56 secs)
Time.Estimated...: Thu Sep 30 10:27:08 2021 (0 secs)

Among them,

Status………..: Cracked means the password has been found,

and the above 699nun9x is the password (at the end of first line)

Leave a Reply

Your email address will not be published. Required fields are marked *