intro

1
2
3
4
5
6
# author: huangyuhui
# envir: python 3.7.3
# date: november 20,2019
# tested on the os: windows10
# desc: brute force attack the specified zip file
# repo address: https://github.com/yubuntu0109/penetration-testing-learning

code

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
import zipfile
import optparse
from threading import Thread


def extractfile(zfile, password):
try:
print('[-] try to decompress the zip file by the password: %s' % password)
zfile.extractall(pwd=bytes(password, "utf8"))
print('[+] the zip file has decompressed successfully by the password: %s' % password)
exit(0)
except:
pass


def main():
global zname, dname
parser = optparse.OptionParser("usage: %prog -f <file> -d <dict>")
parser.add_option('-f', dest='zname', type='string', help='specified zip file')
parser.add_option('-d', dest='dname', type='string', help='specified pwd dictionary file')
(options, args) = parser.parse_args()
if (options.zname is None) | (options.dname is None):
print(parser.usage)
exit(0)

else:
zname = options.zname
dname = options.dname
zfile = zipfile.ZipFile(zname)
pwdfile = open(dname)
for line in pwdfile.readlines():
password = line.strip('\n')
t = Thread(target=extractfile, args=(zfile, password))
t.start()


if __name__ == '__main__':
main()