Zip compression package password hack

There is a way of cracking called known plaintext attack. Password cracking software on the market almost always comes with this feature. The way to do this is to find the encryption package of any file, the same compression software compression into a non-encrypted package, and then compare the two compressed packets, so that the entire encrypted package can be restored to an unencrypted form.

The principle is this: you enter the password, first converted to 3 32bit key, so the possible combination of key is 2^96, this is an astronomical, if it is not possible to use brute force, unless your password is shorter or have a powerful dictionary. The compression software encrypts all the files in the package with these 3 keys, which means that all files have the same key, and if we can find this key, we can unlock all the files. If we find any of the files in the encryption package, this file is the same as the files in the compressed package, we use the same compression software compression method without password compression, the resulting file is our known plaintext. With this password-free compression package and the compression package with a password to compare, analyze two packages of the same file, extract two files of different points, that is, the 3 key, so you can get key. Two bytes of the same file in the compressed packet should be 12 byte apart, that is the 3 key. Although we still could not restore the password through this key, but we can use this key to unlock all the files, so has been satisfied with my request, and the previous password is useless, I just want to file.

In fact, as long as you can find the same document, it's all right!
So I used the advanced ZIP Password Recovery (crack) to select known plaintext attack. Took 2 minutes to find the key, and then took 20 minutes to my 700M of the compressed package untie, done!

Zip compression package password hack