Nowadays sensitive information in PDF or ZIP files are often password protected. This includes bank account statements, medical records, salary statements and so on. Password protection algorithms differ based on the application used to password protect the file and the encryption format chosen. One of the strongest encryption format is AES while PKZIP is an old algorithm. Some programs also used their own proprietary algorithms for password generation.
There are several hacking tools used by ethical hackers around the world that can be used to crack password protection on files. Some of the most effective and popular tools are as follows:
Zydra – This simple and fast tool can be used to crack password protection on PDF and ZIP files and it can even decrypt the encrypted user login passwords in Linux shadow files. It has two modes – Dictionary mode uses a wordlist to guess the correct password, Brute Force method takes a list of possible alphanumeric characters as input and tries to guess the correct password.
Zydra offical website: https://github.com/hamedA2/Zydra
FREE ONLINE PASSWORD CRACKER
CrackStation – This tool is available for Linux, Windows and MacOS platforms and supports most of the common password encryption algorithms. IT includes password hash cracking and uses a lookup table with more than 15 billion entries. It works only for non-salted hashes.
CrackStation official website: https://crackstation.net
RainbowCrack – This tool is known for high-performance hash cracking by utilizing the power of multi-core processors and GPU acceleration. It is a highly optimized tool that tries to minimize memory usage and provide faster results using lookup tables.
ReinbowCrack official website: https://project-rainbowcrack.com
Ophcrack– This only tool is great for recovering hidden Windows passwords and runs as a desktop application. It is easy to use and fast and can recover lost passwords from hidden fields.
Ophcrack offcial website: https://ophcrack.sourceforge.io
BRUTUS PASSWORD CRACKER
Brutus Password Cracker – This tool can be used for retrieving user names and passwords from websites, applications and operating systems. This tool uses dictionary attack to crack passwords. It is available for Windows OS only.
Brutus official website: https://github.com/LittleBigHack/Brutus-Password-Cracker
MEDUSA – KALI CRACKING TOOL
Medusa – This tool is used by professional ethical hackers to crack passwords of online applications remotely. This command line tool uses thread based multi-processing and can test up to 2000 passwords per minute. The tool is free for use.
Medusa official website: https://www.foofus.net/jmk/medusa/
Apart from the above, there are several other free and open source tools available that are widely used by ethical hackers for cracking password protection on files in Linux, Windows and MacOS operating systems.