Cracking open recursively nested zip files

Here is a script courtesy of adithyaxx which helped me out recently.

I had a zip file containing hundreds of other zip files all contained within each other. The password for each file was it’s name. Manually typing in each password would have taken far too long, this little script helped automate the process.

#!/usr/bin/env bash
while [ -e *.zip ]; do
for file in $files; do
echo -n "Cracking ${file}";
output="$(fcrackzip -u -l 1-6 -c '1' *.zip | tr -d '\n')";
password="${output/PASSWORD FOUND\!\!\!\!: pw == /}";
if [ -z "${password}" ]; then
echo "Failed to find password";
break 2;
echo "Found password: \`${password}\`";
unzip -q -P "${password}" "$file";
rm "${file}";

It opens up the zip file, reads the file name and truncates the .zip part, then uses the remaining that as a variable for the next password attempt and keeps going until it fails. The useful thing is that is prints out the attempts as it goes along in case there are any hidden patterns in the passwords names you need to pick up on:


It runs through about 2-3 unzips every second so a 500 file recursive zip file would take 5-10 minutes to get to the end of, compared with a few hours of working by hand.