Found a 16y old password protected Zip file with my mIRC logs

[lampzzy]

While checking some really old CDs I found a password protected zip file with my mIRC logs from the year 2000. Since then my passwords changed a few times so I have no idea how many characters or which characters I used to protect the zip file. I already tried to brute force using 4-7 characters but no success. Any ideas to crack this are welcome.

[howlett]

If it's from 2000 and they were created using WinZip up to v8.0, you can use the Passware Kit and the SureZip recovery as per http://www.lostpassword.com/attacks.htm#surezip

> SureZip attack decrypts Zip archives created with WinZip version 8.0 and earlier in less than an hour regardless of password used to protect it. At least 5 simultaneously encrypted files are required in order to process the archive. Archives created with WinZip are supported.

I used this when it first came out and even with a 60-char password, if there were more than 5 files it could extract them within an hour (sometimes less than 5 minutes).

[baruch]

You have either brute force with more characters or if you have a file in there with a known content there is a known-plaintext attack on zip encryption. I've used it once and it worked nicely but it's rather tricky to find another file with the exact same content for this.

[lampzzy]

wow! this is a good one! The Zip contains not only the logs but all the files that were part of the mIRC application (executable, config, etc). Maybe I'll try to find some old config files and explore this option.

[baruch]

The utility I used is PkCrack: https://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html

[4e1a]

I would research as to what cipher was used in zip files back then and see if it is currently defeatable, like RC4 or AES with bad padding, and then work through the cryptopals.com problems and see if any of this applies to the zip file.

[lampzzy]

I'm not a cryptography guy myself but thanks for the tip - still on time to learn a few things!

[gt565k]

There was some post about using a CUDA program with your GPU to brute force zip passwords, but can't find anything with a quick google search.

Try this though

http://www.crark.net/

[lampzzy]

will def look at this as it was in my plans to use some aws gpu instances for a couple of days.

[smlacy]

fcrackzip?

https://github.com/hyc/fcrackzip

[lampzzy]

thanks. that's what I've been using so far but no success.

[echolima]

Are you going to post what you find?

[lampzzy]

not sure if I will find something that interesting for the cmmunity