search

kimci86 / bkcrack

Crack legacy zip encryption with Biham and Kocher's known plaintext attack.
zlib License
1.62k stars 160 forks source link

Friendly Tutorial for Amateur + Video File #86

Open ghost opened 1 year ago

ghost commented 1 year ago

we don't know if only in kali linux can be done, or it can be work also in ubuntu terminal in windows? i hope there is a step by step image/video visual tutorial how it can be done + basic explanation of the parts.

what if the secrets.zip contain video type file? can be used the same method or what

kimci86 commented 1 year ago

we don't know if only in kali linux can be done, or it can be work also in ubuntu terminal in windows?

The program should work the same regardless of the operating system. You might have to compile it first if the precompiled packages do not work for your system.

i hope there is a step by step image/video visual tutorial how it can be done + basic explanation of the parts.

I admit there is not a lot of documentation for now and I hope to add more in the future. There is the tutorial, but I think I need to add other examples to explain in details how to proceed when the encrypted file is compressed. Did you check the tutorial? Could you tell what step you are struggling with?

what if the secrets.zip contain video type file? can be used the same method or what

The type of file inside the ZIP archive is not of great importance, the principles remain the same.

ghost commented 1 year ago

https://user-images.githubusercontent.com/94531645/213379440-9af09fd8-97bb-4452-bc1a-b7ba977fa915.mp4

Thanks for Responding,

Here's what i did

  1. Open Ubuntu Terminal in VB
  2. git clone(? I'm not sure because I'm having a hard understanding the tutorial that only someone who's used to it or in the field can understand which is there is no need basic tutorial because it's not necessary for normal people(or some amateur like me) but i want to advanced y'know without learning overall topics about encryption and decryption)
  3. exit
  4. go to bkcrack and right click the folder and choosed open in terminal
  5. then what should i do next? or i'm in the wrong method?

That's all, I hope there is a specific tutorial then maybe when I learn it I can make a basic tutorial video for amateurs as my contribution here.

Thanks.

kimci86 commented 1 year ago

What you are looking at in your video above are source files. Those cannot be run as-is. They have to be compiled to generate an executable program. However, you do not have to do it yourself.

I hope to write a beginner-friendly guide some day but in the meantime here are some steps for you. I assume you use Windows as your primary operating system.

  1. Download bkcrack package for your operating system from here: https://github.com/kimci86/bkcrack/releases You probably can choose bkcrack-1.5.0-win64.zip.
  2. Extract the downloaded archive wherever you like. For example in a folder C:\Users\<You>\Downloads\bkcrack (where <You> is your Windows user name) That folder should now contain bkcrack.exe and a few other files and folders.
  3. Open a terminal window (terminal app or command prompt, it doesn't really matter)
  4. Navigate to the folder where you extracted bkcrack package. For example typing cd C:\Users\<You>\Downloads\bkcrack in the command prompt and hitting enter.
  5. You can now start bkcrack by typing .\bkcrack.exe It should tell you that some parameters are missing.
  6. Then, if you want to follow the tutorial, navigate to the example folder with cd example and the commands from the tutorial should work if you replace ../bkcrack by ..\bkcrack.exe in the commands.

Does that help?

ghost commented 1 year ago

image

I think it's happening i mean this discussion become a thread now for writing beginner-friendly guide, i hope you respond this one:)

i tried ..bkcrack, ..bkcrack.exe, /bkcrack, /bkrack.exe, etc...

Thankyou again!

kimci86 commented 1 year ago

On Windows, filenames use backslash \ as a separator between folders. The tutorial was written with Unix-like systems in mind (e.g. Linux or macOS). On those systems, the separator is forward slash /.

So for you ..\bkcrack.exe should work.

spielmirdasliedvomkoks commented 1 year ago

For any other n00b like me who tries this using Windows: I asked ChatGPT how to convert linux command lines to windows and I will now share what worked for me here.

First, move the archive to the same directory as bkcrack.exe. Then while still in that directory click on an empty space into the line at the top where the folder structure is found, type "cmd" without the quotes and hit enter to easily open the terminal already set to the directory in question. Now the actual commands are quite similar to the linux ones, mostly the same just without the $ ../. I'll show you the most important ones from the tutorial only converted to windows. You should get the tutorial to work just by CTRL + C, CTRL + V without adding any additional characters.

Getting the initial info: bkcrack -L secrets.zip

Creating a plaintext .txt file in the same directory: echo -n '<?xml version="1.0" ' > plain.txt (Somehow this didn't work for me because the terminal didn't accept the plaintext so you can also do this manually if you run into any issues by rightclicking an empty space in the same directory, new, text document, naming it plain.txt and pasting the plaintext into it)

Running the attack: bkcrack -C secrets.zip -c secrets/spiral.svg -p plain.txt (Notice that you'll need to add the entire sub folder structure to the targeted file, here its just secrets/)

Creating a new archive: bkcrack -C secrets.zip -k c4490e28 b414a23d 91404b31 -U secrets_with_new_password.zip easy

I hope this can be of some help to anyone struggling.