4.1 Bruteforcing ZIP Passwords with Python Part 1

00:00

Hello and welcome to this ethical hacking tools with bite on video

00:04

and this module we're going to work on a zip password, brute force it and by Thon, and then this lesson, we're going to look into the prerequisites were gonna explain the rationale behind the code and also begin writing the code. So let's start with the obvious. What are the prerequisites?

00:22

Well, you don't need to install anything

00:24

the two main bison library's that we're going to work with or a zip file and our pores, both of them in the Python Standard library. So you're good to go. Later on, I will provide a password protected archives as well as a text file with the list of passwords

00:42

for your destiny of the *** brute force, sir.

00:46

Now the main idea behind the code is that it looks into the password file, which contains one word for line.

00:53

It goes line by line and uses each word as password when trying to extract the archive.

01:00

When and if it finds the correct password, it extracts the archive and up puts a success message to the screen.

01:07

Simple enough, right?

01:10

Okay, Now let's move into the court editor and, uh, start working on this brute force, sir. So we'll start by importing the necessary stuff. So from zip file,

01:22

we're going to import ZIP file

01:26

s. So we're gonna need this for, uh, working with the zip archive,

01:32

and then we also need our parts, so import our pores.

01:37

And of course, this is for the command line arguments that will provide.

01:40

Okay. And let's first define Ah, these command line arguments, we instantly they parcels. So poor sir equals

01:49

or Florence

01:53

argument Far, sir.

01:56

Okay. And we'll give it a description,

02:00

which is going to start a new line. And let's say usage

02:04

python zip, brute. Not be wise saying that that's how we're gonna name the script.

02:13

Minors. He's gonna be the first argument, which is gonna be the zip filed out zip.

02:19

Okay. And then minus p

02:21

is gonna be for the password file. Let's say don t x t. Okay.

02:28

Um And then we had the arguments one at a time. So we'll have an argument for the password protected archive

02:35

and another argument for the text file containing the passwords. So

02:39

we are using the poor sir

02:44

toe. Add argument.

02:46

So the first argument is going to be minus Z,

02:50

and we're gonna say the destination variable. It's gonna be zip

02:55

archive.

02:57

And the hell message this played is gonna be zip

03:01

archive file. All right, And then the password file arguments. So, four, sir, at argument

03:09

minus being

03:12

in this case, the destination variable is gonna be passed file.

03:15

And the help message is gonna be

03:19

fast word file.

03:21

Okay? And then we need to parsa these arguments. So we'll say forced

03:28

arts equals bar, sir

03:30

dot

03:31

Horace or eggs.

03:34

Okay, Now we're going to is they try except structure

03:38

to catch all the possible errors under one umbrella and allowing the program toe exit in a clean way.

03:46

So I'm talking about Ares from not providing the correct arguments from not providing enough arguments from incomplete arguments and so on. So we'll say try. So if all arguments have been provided correctly, we will. Instead, she ate three variables.

04:04

One for the zipper. Father is gonna be handled through the zip file library soul Say's that archive equals

04:12

zip file

04:14

forest parks. So this is going to look into the zip archive variable another one for the password file. So past file equals

04:28

voiced oryx dot

04:30

fast while

04:32

and another one that's gonna be called found past, which is going to handle whether or not the password has been found. So we'll say, found fast equals this is gonna be an empty string. So if all arguments have been correctly provided these variables are instance, she ated otherwise will catch

04:51

all heirs under one umbrella. So we'll say except

04:56

and we're gonna print the description or the usage of this

05:02

of this script. So Par Sur description.

05:06

Okay, and then we'll exit zero.

05:11

All right, so let's stop here for now and we'll continue in the next lesson.

05:15

As always, before we go, let's do a quick knowledge check.

05:20

So how do we add arguments to a porter in By Thon, is it by using the Ark method by using the argument method or by using the Ark add method?

05:33

Now you might think that this is tricky, but it's actually not. We've been using the poor sir dot at argument to add arguments to the parson one at a time. Thus, the correct answer in this case is be using the an argument method.

05:50

So what did we learn in today's lesson.

05:54

First

05:55

I told you about the script that we will be building over the course of the next few videos, which is a zip password. Brute force, sir.

06:02

Then I explained to you the rationale behind how it works. And then we actually started quoting it.

06:09

And the next lesson. We're going to continue working on this coat.