IFCTF ZIP Cracker

By Michael Sokolov, International Free Computing Task Force

This program cracks encrypted ZIPs by brute force trial of all possible encryption keys consisting of printable ASCII characters (space through '~'). It first tries all 1 character keys, then all 2 character keys, then all 3 character keys, and so on. Within each key length the last character is incremented first, then the preceding one, and so forth. Within each character position characters are tried in this order:

* Lowercase ASCII letters in natural order
* Digits in natural order
* Uppercase ASCII letters in natural order
* All other graphic ASCII characters in ASCII order
* Space

Each key is checked by decrypting the 12 byte random prepend in front of the encrypted file and checking the last byte against the high byte of CRC-32. This test generates many false positives; however, filtering is greatly improved when the ZIP contains many files encrypted with the same key. If the ZIP file to be cracked contains multiple encrypted members, izipcrack assumes that they are all encrypted with the same key and reports potential hits only when the check passes on all files. This method of ZIP cracking is only effective against encrypted ZIPs containing many members encrypted with the same key.

izipcrack is designed to run as a background process on a UNIX system. It must be invoked as follows:

    izipcrack zipfile statefile logfile

zipfile is the ZIP to be cracked. The other two arguments give names for files that will be created by izipcrack. statefile records the state of the cracking process, allowing it to be interrupted and restarted. izipcrack records its state in statefile every hour and when killed with SIGHUP, SIGINT or SIGTERM. logfile reports interesting events, namely potential hits and advances to the next key length. izipcrack decides whether to start the crack from the beginning or to restart it based on whether statefile exists when izipcrack is invoked.
logfile is always opened for rewrite; if you want to save an old log file, rename it or use a different name when restarting izipcrack.

The state recorded in statefile is the key/password from which to start the crack (the advance order is unchanged). It can be manually edited to start multiple cracks in parallel from different points on different machines or multiprocessor systems.

Happy cracking!

Space Falcon, Freedom Fighter
Proletarians of all planets, unite!
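
The check-byte test described above, and why a single member is a weak filter, shown as an added Python example that is not izipcrack's own code. It uses the traditional PKZIP stream cipher as documented in PKWARE's APPNOTE; all function names, the password `Zq7` and the member prepends are constructed for illustration.

```python
import itertools, random, string

CRC_TABLE = []  # CRC-32 table (reflected polynomial 0xEDB88320) for the key update
for n in range(256):
    for _ in range(8):
        n = (n >> 1) ^ 0xEDB88320 if n & 1 else n >> 1
    CRC_TABLE.append(n)

def crc_step(crc, byte):
    return CRC_TABLE[(crc ^ byte) & 0xFF] ^ (crc >> 8)

class ZipKeys:
    """Key state of the traditional PKZIP stream cipher for one password."""
    def __init__(self, password):
        self.k0, self.k1, self.k2 = 0x12345678, 0x23456789, 0x34567890
        for b in password:
            self.update(b)
    def update(self, plain):
        self.k0 = crc_step(self.k0, plain)
        self.k1 = ((self.k1 + (self.k0 & 0xFF)) * 134775813 + 1) & 0xFFFFFFFF
        self.k2 = crc_step(self.k2, self.k1 >> 24)
    def stream_byte(self):
        t = (self.k2 | 2) & 0xFFFF
        return ((t * (t ^ 1)) >> 8) & 0xFF

def crypt_header(password, data, decrypt):
    """Encrypt or decrypt a 12-byte prepend; the keys always absorb the plaintext."""
    keys, out = ZipKeys(password), bytearray()
    for b in data:
        o = b ^ keys.stream_byte()
        keys.update(o if decrypt else b)
        out.append(o)
    return bytes(out)

def check_passes(password, header, crc_high):
    """The per-member test: last decrypted prepend byte == high byte of CRC-32."""
    return crypt_header(password, header, True)[-1] == crc_high

def survivors(members, candidates):
    """Count wrong candidates that pass on the first 1, 2, ... n members."""
    return [sum(all(check_passes(c, h, x) for h, x in members[:n]) for c in candidates)
            for n in range(1, len(members) + 1)]

def demo(n_members=3):
    rng = random.Random(1)  # constructed members and password, not a real archive
    plains = [bytes(rng.randrange(256) for _ in range(12)) for _ in range(n_members)]
    members = [(crypt_header(b"Zq7", p, False), p[-1]) for p in plains]
    wrong = ["".join(t).encode() for t in itertools.product(string.ascii_lowercase, repeat=3)]
    return members, survivors(members, wrong)
```

`demo()[1]` returns the number of wrong three-letter keys still passing after one, two and three members; each added member cuts the false positives by a factor of about 256, which is why the single-byte check only becomes selective on archives with many members under one key.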