[ LastBit Software Home Page ]   [ Help Index ]

Zip Password

Zip Password recovers password-protected ZIP archives (created with WinZip or other compatible software). Zip Password recovers both standalone .zip files and self-extracted archives (.exe).

With one exception described below, there is no guaranteed method to break a Zip file password. You have to use universal recovery methods such as Brute Force Attack and Dictionay Search to find the password. Although Zip Password is extremely fast (up to billions passwords per minute), this means that recovery may take a lot of time or even fail if the password is long enough. This article describes how to recover the password using universal recovery methods.

Often Zip archive contains multiple files. Sometimes it is possible to find one of them in an unencrypted form. For example, if your archive contains hundreds of files and one of these files may be found elsewhere, you can use this file as a source for so-called Known Plain Text Attack and decrypt all other files. Known Plain Text Attack takes up to 24 hours. Success is guaranteed regardless of the password length. Note that using Known Plain Text Attack you can decrypt your archive but you can NOT find the original password. To perform Known Plain Text Attack you should provide Zip Password with another archive (without password) that contains at least one of the files from the encrypted archive. Note that WinZip has several compression modes (Maximum, Normal, Fast and super fast) and compression may differ in different WinZip versions. The file in the second archive must be compressed in the same mode and by the same zipping software. Known Plain Text Attack is actually performed in our datacenter. Zip Password will send about 100 bytes of the archive required for recovery to our server. These bytes do NOT contain actual content of the archived files. These bytes contain a so-called "cipher gamut" a sequence of bytes used for encryption, not the archive contents.

A Zip archive may contain files with different passwords. The current version of Zip Password is unable to handle such archives properly.

Brute force attack speed depends on a number of factors. It is much slower if the archive contains a single file. It also depends on the WinZip version used to create the archive. Zip Password has several recovery engines inside and it automatically selects the best one possible.

Zip Password supports so called Known Plain Text Attack. If you have a plain unencrypted copy of any file from the archive, you can decrypt the entire archive within a short time frame regardless of the password length. The original password will remain unknown.

You can use Known Plain Text Attack (KPTA) as follows:

- Run Zip Password, then click "Open" and select an encrypted zip archive you want to recover.
- First, Zip Password will ask: "What program did you use to create this ZIP archive?" Answer: "I do not know." Then it will ask you about the recovery mode. Select "Known Plain Text Attack" and then click "Next".
- Zip Password will ask you for the second (unencrypted) archive that contains at least one file from the first archive. Select the archive you have prepared. If Zip Password displays the error "There is no suitable file in the archive" - either the unencrypted file is not the same as the encrypted one or different compression modes were used for the two files. 
WinZip allows choosing various compression levels (such as Normal, Maximum or Fast). You can prepare several unencrypted archives made with different compression levels and try them all.

The amount of time required by KPTA really depends on the file's size. For the real files, KPTA normally requires just a couple of minutes. However, if the file is rather little - less than 200 bytes - the recovery time will start to grow. And especially if the file's length is less than 20 bytes (the minimum length required by the program is 13 bytes), KPTA may need significant amount of time to complete. However, since so little files are rather an exclusion than the rule, that typically does not create a problem.

WinZip 9.x introduced the AES encryption. ZipPassword supports AES encrypted zip archives, however the search speed is very slow (due to the encyption scheme). It means that you can recover very short or dictionary-based passwords only. We suggest that you use the dictionary attack with such archives. You can download additional dictionaries from here. Known Plain Text Attack is also unavailable if AES encryption is used.

The recovery methods used by Zip Password (click to find more information on each method):