English | 简体中文 | 繁體中文 | Русский язык | Français | Español | Português | Deutsch | 日本語 | 한국어 | Italiano | بالعربية
Preface
Decompress zip files using Python's built-in zipfile module, and add some material to complete password cracking.
The zipfile module is used for compressing and decompressing files in zip format. There are two very important classes in zipfile, namely ZipFile and ZipInfo. In most cases, we only need to use these two classes. ZipFile is the main class, used to create and read zip files, while ZipInfo stores the information of each file in the stored zip file.
For example, to read a Python zipfile module, here it is assumed that filename is a file path:
import zipfile z = zipfile.ZipFile(filename, 'r') for i in z.infolist(): print i.file_size, i.header_offset
Here z.infolist() is used, it returns the information of all files in the zip file, which is a list of ZipInfo. A ZipInfo object contains information about a file in the zip file, among which the commonly used ones are filename, file_size, header_offset, which are file name, file size, and the offset of file data in the zip file.
Preparation stage
First, you need a compressed file and add a password to it, it looks like this
Then you successfully get a compressed file with a built-in password, okay, that's it
brute force attack
First, let's know what brute force attack is. Simply put, it is to compare through a round-robin method, we all know MD5encryption on the Internet, then MD5is irreversible, then those so-called MD5How does the decryption website do it? In fact, it is also a brute force method.
Let's take an example, you can use MD5Encrypt a string str="abc" and the encrypted result is "3cd24fb0d6963f7d" This long string is definitely not understandable by others, MD5How does the decryption website do it? They start trying randomly when they have nothing to do, putting aa/cc/bb/abc and other things to start using MD5Encrypt once and store it in your own database, when you go to query, they will use the "3cd24fb0d6963f7d" in the database, if there is a coincidence, it can be found, most of the time your encrypted string is slightly more complex and cannot be found, this is what is called MD5Decryption, that is, brute force attack
The above code
import zipfile #Import the module, which is used for compression and decompression
password="123" #The password we set
zfile = zipfile.ZipFile("test.zip") #The zip file to be unzipped
zfile.extractall(path='C:\\Users\\Administrator\\Desktop\\', members=zfile.namelist(), pwd=password.encode('utf-8'))
#Unzip operation, path is the output path
Let's run the code above (of course, your encryption password must be123You will find that test.zip has been extracted on the desktop, perfect ending. But there is still one thing left, that is, the brute force attack. If you know the password, what is the use of cracking it? Don't hurry, keep reading.
import zipfile
zfile = zipfile.ZipFile("test.zip")
passFile=open('pwd.txt') # Read the password file you set
for line in passFile.readlines():
try:
password = line.strip('\n')
zfile.extractall(path='C:\\Users\\Administrator\\Desktop\\', members=zfile.namelist(), pwd=password.encode('utf-8'))
break
except:
print("Wrong again")
The content of pwd.txt is as follows
1223 abc aaa 123
Well, that's it. The password brute force for the zip file is completed. It actually just cleverly uses the try except exception mechanism. When the decompression is normal, the password is normal. If the decompression fails, an exception will be reported. Try it out.
Summary
That's all for this article. I hope the content of this article is of certain reference value to everyone's learning or work. If you have any questions, you can leave a message for communication. Thank you for your support of the Yell Tutorial.
Statement: The content of this article is from the Internet, and the copyright belongs to the original author. The content is contributed and uploaded by Internet users spontaneously. This website does not own the copyright, has not been manually edited, and does not assume any relevant legal liability. If you find any content suspected of copyright infringement, please send an email to notice#w3Please send an email to codebox.com (replace # with @ when sending an email) to report any violations, and provide relevant evidence. Once verified, this site will immediately delete the content suspected of infringement.