代码语言
.
CSharp
.
JS
Java
Asp.Net
C
MSSQL
PHP
Css
PLSQL
Python
Shell
EBS
ASP
Perl
ObjC
VB.Net
VBS
MYSQL
GO
Delphi
AS
DB2
Domino
Rails
ActionScript
Scala
代码分类
文件
系统
字符串
数据库
网络相关
图形/GUI
多媒体
算法
游戏
Jquery
Extjs
Android
HTML5
菜单
网页交互
WinForm
控件
企业应用
安全与加密
脚本/批处理
开放平台
其它
【
C
】
破解zip密码
作者:
Dezai.CN
/ 发布于
2012/5/26
/
694
破解zip密码
#include <stdio.h> #include <string.h></div> <div>unsigned char dos_string[128]; unsigned char delete_file[128]; #define DWORD unsigned long #define WORD unsigned int #define BYTE unsigned char</div> <div>define USGC unsigned char #define USGI unsigned #define USGL unsigned long</div> <div>define MAXDIGHACK 8 #define GOOD_CRC32_RESIDUAL 0xdebb20e3L</div> <div>USGL crctable[256]; // global accessible // USGI crc2find; // crc 2 find //</div> <div>BYTE sig[] = {0x50,0x4b,0x03,0x04}; BYTE error_sig[] ={'e','r','r','o','r','s','!'};</div> <div>unsigned long crc32(); void generatetable(); unsigned char decrypt_byte();</div> <div> int maxdighack = MAXDIGHACK;</div> <div></div> <div>//unsigned char preamble[10]; //unsigned char postamble[10];</div> <div>int ffflag=0;</div> <div> main(argc, argv) int argc; char *argv[]; { unsigned char passcode[25]; unsigned char buffer[25]; unsigned char lookfile[25]; unsigned char inbuff[25]; unsigned char zipname[25]; FILE *zipfile; int end,i,j,skip,len;</div> <div> printf("\nZipcrack V0.1b - (c)1991 by Mycal Johnson - <a href="mailto:mycal@netacsys.com\n\n">mycal@netacsys.com\n\n</a>");</div> <div> if(argc==1) { printf("\n Usage: 'zipcrack zipfile crackfile'"); printf("\n zipfile = filename.zip "); printf("\n crackfile = file in the zipfile to crack\n\n"); exit(2); } <div> i=strlen(argv[1]); if(i>8) { printf("\n Filename must be 8 characters or less, do not incude .zip extention \n\n"); exit(2); } strcpy(zipname,argv[1]); strcat(zipname,".zip"); i=strlen(argv[2]); if(i>12) { printf("\n Filename to hack cannot be more than 12 characters including extention\n\n"); exit(2); } strcpy(lookfile,argv[2]);</div> <div> strupr(lookfile); strupr(zipname); // // make unzip try string // strcpy(dos_string,"unzip "); strcat(dos_string,argv[1]); strcat(dos_string," "); strcat(dos_string,lookfile); strcat(dos_string," -s");</div> <div> strcpy(delete_file,"del "); strcat(delete_file,lookfile); // // check to see if target already exists // if((zipfile = fopen(lookfile,"r+b")) != NULL) { close(zipfile); printf("\nWarning %s already exists on disk.",lookfile); printf("\n Delete this file and try again."); exit(1); } <div> if ((zipfile = fopen(zipname,"r+b")) == NULL ) { printf("fopen failed. Cannot find/open %s.\n",zipname); exit(2); } <div> i = 0; end=0; // // Here we search for file to hack on inside the zip file. First we // look for the local file sig then we check to see if its our file. // while(!end) { if(fread(buffer, sizeof(char),1,zipfile)) { if(buffer[0] == sig[i]) i = i + 1; else i = 0; if (i == 4) { // sig is 4 digits len=strlen(lookfile); skip = 26; if(fseek(zipfile, (long)skip, SEEK_CUR)!=0) { printf("fseek fail\n"); exit(1); } if(fread(inbuff, sizeof(char),len,zipfile)) { if(!memcmp(lookfile,inbuff,len)) end=1; else i=0; } else { printf("read failed\n"); exit(1); } } } else end = 2; // end of file } // // We couldn't find the file to hack if end = 2; // if(end == 2) { printf("File to hack not in found in Zipfile.\n"); exit(2); } // // Read encryption header // if(!fread(buffer, sizeof(char),12,zipfile)) { printf("Cannot read from Zipfile. fread fail\n"); exit(2); } <div> skip = -(len+16+12); // - len of filename + crc offset + encript headder if(fseek(zipfile, (long)skip, SEEK_CUR)!=0) { printf("fseek fail\n"); exit(1); } if(fread(inbuff, sizeof(char),4,zipfile)) { printf(" crc from file = %x : %x \n",((inbuff[3]<<8)|inbuff[2]), ((inbuff[1]<<8)|inbuff[0])); crc2find = ((inbuff[3]<<8)|inbuff[2]); } else { printf("fread2 fail"); exit(2); } close(zipfile);</div> <div> buffer[12]=0;</div> <div> if(crackzip(passcode,buffer)) { // buffer contains encription header // // returns hacked key in passcode // printf("\nWe hack success!\n\nKey is '%s'\n\n",passcode); printf("Thanx to your pal <a href="mailto:mycal@netacsys.com\n">mycal@netacsys.com\n</a>"); exit(0); } else { printf("\nBummer, I couldn't hack it.\n"); exit(1); } } <div> crackzip(passcode, buffer) char *passcode; char *buffer; { unsigned long key[3]; unsigned char hackbuff[19]; unsigned char password[50]; unsigned char dos_try[128]; unsigned int i,end, result,slen;</div> <div> generatetable(); // generate 32-bit crc table // // // Set password to 'a' and the rest nil, set up end flag // end = 0; for(i=0;i<50;i++) // init password to nil // password[i]=0; strcpy(password,"a"); // // this is where the main hack loop is, we loop here tell we crack the // password or forever, whichever is first. // while(!end){ memcpy(hackbuff,buffer,15); // reset buffer to origin key[0] = 305419896L; // reset key to start key[1] = 591751049L; key[2] = 878082192L; // // initilize key with password // slen = strlen(password); for(i=0; i<slen;i++) update_keys(key,password[i]); // // try the decript // if(!decript_head(hackbuff,key)) { // // no CRC match, get next password to try, try again // update_password(password); if(strlen(password)>maxdighack) { return(0); end=2; } } else { // // We have a CRC match, so lets try to unzip the file // printf(" -- possible password is %s. Trying it now... \n",password); strcpy(dos_try,dos_string); strcat(dos_try,password); strcat(dos_try," > zipcrack.err"); result=system(dos_try); if(!chk_4_errors()) { // we hack success! strcpy(passcode,password); return(1); } printf("...failed\n"); system(delete_file); update_password(password); if(strlen(password)>maxdighack){ return(0); end=2; } } }// end while // } <div> ////////////////////////////////////////////////////////////////////////// // // chk_4_errors() - search the zipcrack.err file for the error_sig - // "error!". If found return 1 else return 0 // ///////////////////////////////////////////////////////////////////////// int chk_4_errors() { FILE *errfile; int end; int i; char buffer[10];</div> <div> if ((errfile = fopen("zipcrack.err","r+b")) == NULL ) { printf("\nCannot find zipcrack.err file."); printf("\nCannot continue.\n"); exit(1); } <div> i=0; end=0; while(!end) { if(fread(buffer, sizeof(char),1,errfile)) { if(buffer[0] == error_sig[i]) i = i + 1; else i = 0; if (i == 7) { // sig is 4 digits close(errfile); return(1); } } else end=1; } close(errfile); return(0); } <div>////////////////////////////////////////////////////////////////////////// // update_password(password) - we get the next password to try here. // This is the routine you would modify to make a dictionary or // other than sequential hack. Also you can modify the range // of char's to try here. /////////////////////////////////////////////////////////////////////// update_password(password) char *password; { int g,i,len,err; char newlen[12];</div> <div> err=0;</div> <div> len = strlen(password); i = len-1; g = 0;</div> <div> while(!err){ password[i] = password[i] + 1; // inc to next char in series if(password[i] > 'z') { password[i] = 'a'; i = i - 1; g = g + 1; if(g==2) printf("password = %s \015",password); }else err = 1;</div> <div> if(i<0) { // we need to increase the length by one // strcpy(newlen,preamble); // I was thinking about a pre and // postamble in case you knew the // first or las couple of letters // of the password strcpy(newlen,"a"); // new start of string // strcat(newlen,password); strcpy(password,newlen); err = 1; } } } <div>//////////////////////////////////////////////////////////////////////////// // decript_head(buffer,key) - this is where the actual work takes place, // We decript the buffer with the key generated with our password and // check if we have a CRC match, if we do return with a 1. //////////////////////////////////////////////////////////////////////////// decript_head(buffer,key) unsigned char *buffer; unsigned long *key; { int i; unsigned int crc1; char c;</div> <div> for(i = 0; i<12 ; i++) { c = buffer[i] ^ decrypt_byte(key); /* buffer xor decrypt_byte */ update_keys(key,c); buffer[i] = c; } crc1 = ((buffer[11]<<8)|(buffer[10]));</div> <div> /* crc1 = ~crc1; */ if(crc1 == crc2find) { printf("Yippi Ki-aye M*&!#R <a href="mailto:F*^@#R">F*^@#R</a> "); return(1); } return(0); } <div> update_keys(key,val) unsigned long *key; char val; { key[0] = crc32(key[0],val); key[1] = key[1] + (key[0] & 0x000000ff); key[1] = key[1] * 134775813 + 1; key[2] = crc32(key[2],(key[1] >> 24)); } <div> unsigned char decrypt_byte(key) unsigned long *key; { unsigned short temp;</div> <div> temp = key[2] | 2; return((temp*(temp^1))>>8); } <div> // // cRc routine // unsigned long crc32(oldcrc, newchar) USGL oldcrc; char newchar; { int i,index; USGL Crc;</div> <div> Crc = oldcrc;</div> <div> index = ((Crc ^ newchar) & 0x000000ffL); Crc = ((Crc >> 8) & 0x00ffffffL) ^ crctable[index];</div> <div> return Crc; /* return a 1's complement */ } <div> </div> <div></div> <div>void generatetable() /* generate the crc look-up table */ { union { USGI i; struct { USGI i1 :1; /* MSC low order bit */ USGI i2 :1; USGI i3 :1; USGI i4 :1; USGI i5 :1; USGI i6 :1; USGI i7 :1; USGI i8 :1; /* MSC high order bit */ USGI :8; /* unused bits */ }bit; }iUn;</div> <div> union { USGL entry; struct { USGI b1 :1; /* MSC low order bit */ USGI b2 :1; USGI b3 :1; USGI b4 :1; USGI b5 :1; USGI b6 :1; USGI b7 :1; USGI b8 :1; USGI b9 :1; USGI b10:1; USGI b11:1; USGI b12:1; USGI b13:1; USGI b14:1; USGI b15:1; USGI b16:1; USGI b17:1; USGI b18:1; USGI b19:1; USGI b20:1; USGI b21:1; USGI b22:1; USGI b23:1; USGI b24:1; USGI b25:1; USGI b26:1; USGI b27:1; USGI b28:1; USGI b29:1; USGI b30:1; USGI b31:1; USGI b32:1; /* MSC high order bit */ } entrybit; }entryun;</div> <div> for (iUn.i = 0; iUn.i < 256; iUn.i++) { entryun.entry = 0; /* zero out the value */</div> <div> entryun.entrybit.b32 = (iUn.bit.i2 ^ iUn.bit.i8); entryun.entrybit.b31 = (iUn.bit.i1 ^ iUn.bit.i2 ^ iUn.bit.i7 ^ iUn.bit.i8); entryun.entrybit.b30 = (iUn.bit.i1 ^ iUn.bit.i2 ^ iUn.bit.i6 ^ iUn.bit.i7 ^ iUn.bit.i8); entryun.entrybit.b29 = (iUn.bit.i1 ^ iUn.bit.i5 ^ iUn.bit.i6 ^ iUn.bit.i7);</div> <div> entryun.entrybit.b28 = (iUn.bit.i2 ^ iUn.bit.i4 ^ iUn.bit.i5 ^ iUn.bit.i6 ^ iUn.bit.i8); entryun.entrybit.b27 = (iUn.bit.i1 ^ iUn.bit.i2 ^ iUn.bit.i3 ^ iUn.bit.i4 ^ iUn.bit.i5 ^ iUn.bit.i7 ^ iUn.bit.i8); entryun.entrybit.b26 = (iUn.bit.i1 ^ iUn.bit.i2 ^ iUn.bit.i3 ^ iUn.bit.i4 ^ iUn.bit.i6 ^ iUn.bit.i7 ); entryun.entrybit.b25 = (iUn.bit.i1 ^ iUn.bit.i3 ^ iUn.bit.i5 ^ iUn.bit.i6 ^ iUn.bit.i8);</div> <div> entryun.entrybit.b24 = (iUn.bit.i4 ^ iUn.bit.i5 ^ iUn.bit.i7 ^ iUn.bit.i8); entryun.entrybit.b23 = (iUn.bit.i3 ^ iUn.bit.i4 ^ iUn.bit.i6 ^ iUn.bit.i7); entryun.entrybit.b22 = (iUn.bit.i3 ^ iUn.bit.i5 ^ iUn.bit.i6 ^ iUn.bit.i8); entryun.entrybit.b21 = (iUn.bit.i4 ^ iUn.bit.i5 ^ iUn.bit.i7 ^ iUn.bit.i8);</div> <div> entryun.entrybit.b20 = (iUn.bit.i2 ^ iUn.bit.i3 ^ iUn.bit.i4 ^ iUn.bit.i6 ^ iUn.bit.i7 ^ iUn.bit.i8 ); entryun.entrybit.b19 = (iUn.bit.i1 ^ iUn.bit.i2 ^ iUn.bit.i3 ^ iUn.bit.i5 ^ iUn.bit.i6 ^ iUn.bit.i7 ); entryun.entrybit.b18 = (iUn.bit.i1 ^ iUn.bit.i2 ^ iUn.bit.i4 ^ iUn.bit.i5 ^ iUn.bit.i6 ); entryun.entrybit.b17 = (iUn.bit.i1 ^ iUn.bit.i3 ^ iUn.bit.i4 ^ iUn.bit.i5 );</div> <div> entryun.entrybit.b16 = (iUn.bit.i3 ^ iUn.bit.i4 ^ iUn.bit.i8); entryun.entrybit.b15 = (iUn.bit.i2 ^ iUn.bit.i3 ^ iUn.bit.i7); entryun.entrybit.b14 = (iUn.bit.i1 ^ iUn.bit.i2 ^ iUn.bit.i6); entryun.entrybit.b13 = (iUn.bit.i1 ^ iUn.bit.i5);</div> <div> entryun.entrybit.b12 = (iUn.bit.i4); entryun.entrybit.b11 = (iUn.bit.i3); entryun.entrybit.b10 = (iUn.bit.i8); entryun.entrybit.b9 = (iUn.bit.i2 ^ iUn.bit.i7 ^ iUn.bit.i8);</div> <div> entryun.entrybit.b8 = (iUn.bit.i1 ^ iUn.bit.i6 ^ iUn.bit.i7); entryun.entrybit.b7 = (iUn.bit.i5 ^ iUn.bit.i6 ); entryun.entrybit.b6 = (iUn.bit.i2 ^ iUn.bit.i4 ^ iUn.bit.i5 ^ iUn.bit.i8); entryun.entrybit.b5 = (iUn.bit.i1 ^ iUn.bit.i3 ^ iUn.bit.i4 ^ iUn.bit.i7 );</div> <div> entryun.entrybit.b4 = (iUn.bit.i2 ^ iUn.bit.i3 ^ iUn.bit.i6); entryun.entrybit.b3 = (iUn.bit.i1 ^ iUn.bit.i2 ^ iUn.bit.i5); entryun.entrybit.b2 = (iUn.bit.i1 ^ iUn.bit.i4); entryun.entrybit.b1 = (iUn.bit.i3);</div> <div> crctable[iUn.i] = entryun.entry; } }
试试其它关键字
破解zip密码
同语言下
.
获取手机通讯录 iOS去除数字以外的所有字符
.
异步加载音乐等资源
.
交通罚单管理系统
.
freemark实现,简单的替换
.
计算斐波那契数列
.
base64解码 包括解码长度
.
图像显示
.
冒泡排序
.
输入十进制数,输出指定进制
.
链式栈
可能有用的
.
C#实现的html内容截取
.
List 切割成几份 工具类
.
SQL查询 多列合并成一行用逗号隔开
.
一行一行读取txt的内容
.
C#动态修改文件夹名称(FSO实现,不移动文件)
.
c# 移动文件或文件夹
.
c#图片添加水印
.
Java PDF转换成图片并输出给前台展示
.
网站后台修改图片尺寸代码
.
处理大图片在缩略图时的展示
Dezai.CN
贡献的其它代码
(
4037
)
.
多线程Socket服务器模块
.
生成随机密码
.
清除浮动样式
.
弹出窗口居中
.
抓取url的函数
.
使用base HTTP验证
.
div模拟iframe嵌入效果
.
通过header转向的方法
.
Session操作类
.
执行sqlite输入插入操作后获得自动编号的ID
Copyright © 2004 - 2024 dezai.cn. All Rights Reserved
站长博客
粤ICP备13059550号-3