How to recover a lost zip file password?
If you haven't already looked at it there's a couple of sources I'd recommend for this.
John the ripper with the community jumbo patch supports zip cracking. If you look at the supported modes there's some options (including the basic brute-force) for cracking zip passwords.
Elcomsoft have good zip crackers including guaranteed recovery under some circumstances
There are also some companies like this one who appear to have GPU accelerated zip cracking, which could speed things up depending on your hardware.
In terms of the approach it sounds like a dictionary based attack with mutation rules(so changing the dictionary with things like leet speak rules) would be the best bet, particularly if you've got the idea that the words would come from a specific domain. Straight brute-force would likely not be a good idea as it tends to top out around 8 characters (unless you're throwing a lot of CPU/GPU power at it)
You can also use this shell script.
Source: http://synacl.wordpress.com/2012/08/18/decrypting-a-zip-using-john-the-ripper/
#!/bin/bash
echo "ZIP-JTR Decrypt Script";
if [ $# -ne 2 ]
then
echo "Usage $0 <zipfile> <wordlist>";
exit;
fi
unzip -l $1
for i in $(john --wordlist=$2 --rules --stdout)
do
echo -ne "\rtrying \"$i\" "
unzip -o -P $i $1 >/dev/null 2>&1
STATUS=$?
if [ $STATUS -eq 0 ]; then
echo -e "\nArchive password is: \"$i\""
break
fi
done
There are different recovery suites available. Most of them implement these solutions:
- Brute-force attack
- Dictionary attack
- Biham-Kocher attack (this attack is possible when you have part of the text)
- Stay attack (also plaintext based)
Also this link (from which I got most of my information) suggests that if you used a recent winzip (which is suspected since you encrypted this last year), the encryption is AES with a 128 or 256 bit key. This means you can do nothing more but try a bruteforce attack.