I need help with PureZip

[Armoured]

Hi
I have made this:

Code: Select all

#MAXLEN = 10

Global chars.s
Global cptr.l
Global clen.i

Global counter.l

Procedure.b zipCeck(bzpath.s, bzpass.s) 
    counter + 1
    
    Debug "Counter " + Str(counter)    
 
      If (PureZIP_Archive_Read(bzpath))
        PureZIP_SetArchivePassword(bzpass) 
        If (PureZIP_ExtractFiles(bzpath, "*.*", "D:\Programmazione\PureBasic\Brutus\Temp", #False) <> #Null) 
            Debug "Ceck the file with the password " + bzpass
            PureZIP_Archive_Close() 
            ProcedureReturn 1
        EndIf
        PureZIP_Archive_Close() 
      EndIf
EndProcedure

                              
Procedure.s crack(w.i, position.i, p.s, characters.l)  
    Protected c.i
    Protected char.s 
    Protected cpass.s
    Protected cr.s
    
    For c = 0 To clen
        cr = ""
        char = PeekS(@chars+c,1)
        cpass = p + char

        If (position < w)
            cr = crack(w,position + 1, cpass,characters)
            If (cr <> "")
                Debug "password trovata!"
                ProcedureReturn cr  
            EndIf

        EndIf

       If (zipCeck("D:\Programmazione\PureBasic\Brutus\test.zip", cpass)=1)
            Debug cpass
            Debug "password found!"
            ProcedureReturn cpass
       EndIf

    Next c  
EndProcedure


Procedure main()
  Protected w.i
  Protected p.s
    
  chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" 
  clen = Len(chars)-1
  While ((p = "") And (w < #MAXLEN))
        p = crack(w,0,"",@chars)
        w + 1
  Wend  
EndProcedure

main()

The scope of the code is recover a password from a zipped file with a brute force attack. Why this code doesn't work?

Thanks

[Teng]

http://www.wattpad.com/24659-Cracking-Z ... word-Files

"a char is a character, which can be anything - a number, a lowercase or undercase letter or a symbol such as ! or &". I think spaces are also included.

your chars only include the printable characters :
"0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"

Hope that helps, happy cracking.

[Armoured]

http://www.wattpad.com/24659-Cracking-Z ... word-Files

"a char is a character, which can be anything - a number, a lowercase or undercase letter or a symbol such as ! or &". I think spaces are also included.

your chars only include the printable characters :
"0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"

Hope that helps, happy cracking. Twisted Evil

Thanks Teng, but I don't want a a program to recover a zip password made from others

[gnozal]

Why this code doesn't work?

You can't mix PureZIP_Archive_*() functions like PureZIP_Archive_Read() or PureZIP_Archive_Close() with 'standalone' functions like PureZIP_ExtractFiles().
If you use PureZIP_Archive_Read() , you have to use PureZIP_Archive_Extract().
Example :

Code: Select all

If PureZIP_Archive_Read(MyZIP.s)
  ReturnValue.l = PureZIP_Archive_FindFirst() 
  While ReturnValue = #UNZ_OK 
    Debug PureZIP_Archive_Extract(MyZIPOutPut.s, #TRUE)
    ReturnValue = PureZIP_Archive_FindNext()
  Wend
EndIf

[Armoured]

Why this code doesn't work?

You can't mix PureZIP_Archive_*() functions like PureZIP_Archive_Read() or PureZIP_Archive_Close() with 'standalone' functions like PureZIP_ExtractFiles().
If you use PureZIP_Archive_Read() , you have to use PureZIP_Archive_Extract().
Example :

Code: Select all

If PureZIP_Archive_Read(MyZIP.s)
  ReturnValue.l = PureZIP_Archive_FindFirst() 
  While ReturnValue = #UNZ_OK 
    Debug PureZIP_Archive_Extract(MyZIPOutPut.s, #TRUE)
    ReturnValue = PureZIP_Archive_FindNext()
  Wend
EndIf

Ok I modified the program:

Code: Select all

#MAXLEN = 10

Global chars.s
Global cptr.l
Global clen.i

Global counter.l

Procedure.b zipCeck(bzpath.s, bzpass.s)
    counter + 1
    
    Debug "Counter " + Str(counter)
    PureZIP_SetArchivePassword(bzpass)
    If PureZIP_Archive_Read(bzpath)
        ReturnValue.l = PureZIP_Archive_FindFirst()
        While ReturnValue = #UNZ_OK
            Debug "Ceck the file with the password " + bzpass
            If (PureZIP_Archive_Extract("D:\Programmazione\PureBasic\Brutus\Temp", #False)= #UNZ_OK)
                ProcedureReturn 1
            EndIf
            ReturnValue = PureZIP_Archive_FindNext()
        Wend
    EndIf
    
    
EndProcedure


Procedure.s crack(w.i, position.i, p.s, characters.l)
    Protected c.i
    Protected char.s
    Protected cpass.s
    Protected cr.s
    
    For c = 0 To clen
        cr = ""
        char = PeekS(@chars+c,1)
        cpass = p + char
        
        If (position < w)
            cr = crack(w,position + 1, cpass,characters)
            If (cr <> "")
                Debug "password trovata!"
                ProcedureReturn cr
            EndIf
            
        EndIf
        
        If (zipCeck("D:\Programmazione\PureBasic\Brutus\test.zip", cpass)=1)
            Debug cpass
            Debug "password found!"
            ProcedureReturn cpass
        EndIf
        
    Next c
    
EndProcedure


Procedure main()
    Protected w.i
    Protected p.s
    
    chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
    clen = Len(chars)-1
    While ((p = "") And (w < #MAXLEN))
        p = crack(w,0,"",@chars)
        w + 1
    Wend
EndProcedure

main()

But doesn't work, like the other....
The strange thing is that zlib unzip the file with a wrong password and generated a corrupted file

[gnozal]

It's the programmer's responsibility to handle the error(s).
Example (delete extracted file(s) if error) :

Code: Select all

If PureZIP_Archive_Read("c:\PureBasic440\Program\Test.zip") 
  ReturnValue.l = PureZIP_Archive_FindFirst() 
  While ReturnValue = #UNZ_OK 
    If PureZIP_Archive_Extract("c:\PureBasic440\Program\Test\", #False) < 0
      Debug "ERROR !"
      PureZIP_Archive_FileInfo(@FileInfo.PureZIP_FileInfo) 
      DeleteFile("c:\PureBasic440\Program\Test\" + FileInfo\filename)
    EndIf
    ReturnValue = PureZIP_Archive_FindNext() 
  Wend 
  PureZIP_Archive_Close()
EndIf