ToolsFebruary 9, 20261 min readby 0xt0pus

zip2john

Extracts password hashes from encrypted ZIP files for cracking with John the Ripper

#password-cracking#hash-extraction

zip2john

Description

zip2john is a utility that extracts password hashes from encrypted/password-protected ZIP files. The extracted hashes can then be cracked using John the Ripper. This is useful when you encounter password-protected zip files during enumeration (e.g., from FTP servers, SMB shares, etc.).

Usage 1: Extract Hashes from Multiple Zip Files

Loop through all zip files in the current directory and extract their password hashes into a single file for batch cracking.

Command:

for zip in *.zip; do zip2john "$zip" >> hashes.txt; done

Usage 2: Crack the Extracted Hashes with John

After extracting the hashes, use John the Ripper with a wordlist to crack the passwords.

Command:

john hashes.txt --wordlist=/usr/share/wordlists/rockyou.txt