

Passwords and encryption


The password encryption in ZIP is relatively strong, and if the password is long enough and well selected, there is no way to recover it in a reasonable time. In most cases, only brute-force and dictionary attacks are available.

A dictionary attack is the most effective one: the program tries every word in a dictionary (wordlist) until the password is found. This method is popular because it is well known that many people use common words as passwords. Dictionaries with hundreds of thousands of words, as well as specialist, technical and foreign-language dictionaries, are available, as are lists of thousands of words that are often used as passwords, such as "qwerty", "abcdef", etc.

If you have completed a dictionary attack, but some passwords still have not been recovered, you have to follow up with a brute-force attack. In this attack, the program tries to guess the password by trying every single combination of characters until the password is found. For example, the program might follow a sequence like this:

"aaaaaaaa"
"aaaaaaab"
"aaaaaaac" ...

until the password is found. Obviously, this method will take time: for an eight-character alpha password there are 200 billion combinations to be checked. But with modern computers this sort of attack doesn't take as long as you might think. The brute-force attack is the slowest method of password attack, but it can often be successful on short and simple passwords.

There are a few different encryption algorithms for ZIP archives. Advanced ZIP Password Recovery (AZPR) supports only the traditional PKWARE encryption (used in most ZIP-compatible compression utilities; see Application Notes - .ZIP File Format Specification). If your file is encrypted using Advanced Encryption Technology (used in WinZip 9.0 and 10.0), use Advanced Archive Password Recovery instead (in addition to Advanced Encryption Technology support, it also works with ACE 1.x, RAR and ARJ archives, and includes more features, such as the Guaranteed WinZip attack, which works on ZIP archives with 5 or more encrypted files created in WinZip 8.0 or older).

With a brute-force attack, AZPR's recovery speed is about 15 million passwords per second (on a Pentium 4 CPU), and so the "practical limit" for a brute-force attack is about 10 characters. In addition, the "known-plaintext" attack is available: in most cases it doesn't recover the password, but it allows you to obtain the encryption keys, so the archive can be decrypted without the password. This attack usually takes 10-15 minutes (and the time does not depend on the password length). Unfortunately, it is not always applicable.


(c) 2005 ElcomSoft Co.Ltd.