Objectives
• Part 1: Create and Encrypt Files
• Part 2: Recover Encrypted Zip File Passwords
Background / Scenario
What if you work for a large corporation that had a corporate policy regarding
removable media? Specifically, it states that only encrypted zipped documents
can be copied to portable USB flash drives.
In this scenario, the Chief Financial Officer (CFO) is out-of-town on business and
has contacted you in a panic with an emergency request for help. While out-of-
town on business, he attempted to unzip important documents from an encrypted
zip file on a USB drive. However, the password provided to open the zip file is
invalid. The CFO contacted you to see if there was anything you could to do.
Note: The provided scenario is simple and only serves as an example.
There may some tools available to recover lost passwords. This is especially true
in situations such as this where the cybersecurity analyst could acquire pertinent
information from the CFO, such as the length of the password, and an idea of
what it could be. Knowing pertinent information dramatically helps when
attempting to recover passwords.
Examples of password recovery utilities and programs include hashcat, John the
Ripper, Lophtcrack, and others. In our scenario, we will use fcrackzip which is a
simple Linux utility to recover the passwords of encrypted zip files.
Consider that these same tools can be used by cybercriminals to discover
unknown passwords. Although they would not have access to some pertinent
information, with time, it is possible to discover passwords to open encrypted zip
files. The amount of time required depends on the password strength and the
password length. Longer and more complex passwords (mix of different types of
characters) are more secure.
In this lab, you will:
•
Create and encrypt sample text files.
•
Decrypt the encrypted zip file.
Note: This lab should be used for instructional purposes only. The methods
presented here should NOT be used to secure truly sensitive data.
Required Resources
• CyberOps Workstation Virtual Machine
• Internet access
This study source was downloaded by 100000899194722 from CourseHero.com on 05-30-2025 16:55:16 GMT -05:00
https://www.coursehero.com/file/230448896/Objectivespdf/
, Part 1: Create and Encrypt Files
In this part, you will create a few text files that will be used to created encrypted
zip files in the next step.
Step 1: Create text files.
a. Start the CyberOps Workstation VM.
b. Open a terminal window. Verify that you are in the analyst home directory.
Otherwise, enter cd ~ at the terminal prompt.
c. Create a new folder called Zip-Files using the mkdir Zip-Files command.
d. Move into that directory using the cd Zip-Files command.
e. Enter the following to create three text files.
[analyst@secOps Zip-Files]$ echo This is a sample text file
> sample-1.txt
[analyst@secOps Zip-Files]$ echo This is a sample text file
> sample-2.txt
[analyst@secOps Zip-Files]$ echo This is a sample text file
> sample-3.txt
f. Verify that the files have been created, using the ls command.
Step 2: Zip and encrypt the text files.
Next, we will create several encrypted zipped files using varying password
lengths. To do so, all three text files will be encrypted using the zip utility.
a. Create an encrypted zip file called file-1.zip containing the three text files
using the following command:
[analyst@secOps Zip-Files]$ zip –e file-1.zip sample*
b. When prompted for a password, enter a one-character password of your
choice. In the example, the letter B was entered. Enter the same letter when
prompted to verify.
This study source was downloaded by 100000899194722 from CourseHero.com on 05-30-2025 16:55:16 GMT -05:00
https://www.coursehero.com/file/230448896/Objectivespdf/
• Part 1: Create and Encrypt Files
• Part 2: Recover Encrypted Zip File Passwords
Background / Scenario
What if you work for a large corporation that had a corporate policy regarding
removable media? Specifically, it states that only encrypted zipped documents
can be copied to portable USB flash drives.
In this scenario, the Chief Financial Officer (CFO) is out-of-town on business and
has contacted you in a panic with an emergency request for help. While out-of-
town on business, he attempted to unzip important documents from an encrypted
zip file on a USB drive. However, the password provided to open the zip file is
invalid. The CFO contacted you to see if there was anything you could to do.
Note: The provided scenario is simple and only serves as an example.
There may some tools available to recover lost passwords. This is especially true
in situations such as this where the cybersecurity analyst could acquire pertinent
information from the CFO, such as the length of the password, and an idea of
what it could be. Knowing pertinent information dramatically helps when
attempting to recover passwords.
Examples of password recovery utilities and programs include hashcat, John the
Ripper, Lophtcrack, and others. In our scenario, we will use fcrackzip which is a
simple Linux utility to recover the passwords of encrypted zip files.
Consider that these same tools can be used by cybercriminals to discover
unknown passwords. Although they would not have access to some pertinent
information, with time, it is possible to discover passwords to open encrypted zip
files. The amount of time required depends on the password strength and the
password length. Longer and more complex passwords (mix of different types of
characters) are more secure.
In this lab, you will:
•
Create and encrypt sample text files.
•
Decrypt the encrypted zip file.
Note: This lab should be used for instructional purposes only. The methods
presented here should NOT be used to secure truly sensitive data.
Required Resources
• CyberOps Workstation Virtual Machine
• Internet access
This study source was downloaded by 100000899194722 from CourseHero.com on 05-30-2025 16:55:16 GMT -05:00
https://www.coursehero.com/file/230448896/Objectivespdf/
, Part 1: Create and Encrypt Files
In this part, you will create a few text files that will be used to created encrypted
zip files in the next step.
Step 1: Create text files.
a. Start the CyberOps Workstation VM.
b. Open a terminal window. Verify that you are in the analyst home directory.
Otherwise, enter cd ~ at the terminal prompt.
c. Create a new folder called Zip-Files using the mkdir Zip-Files command.
d. Move into that directory using the cd Zip-Files command.
e. Enter the following to create three text files.
[analyst@secOps Zip-Files]$ echo This is a sample text file
> sample-1.txt
[analyst@secOps Zip-Files]$ echo This is a sample text file
> sample-2.txt
[analyst@secOps Zip-Files]$ echo This is a sample text file
> sample-3.txt
f. Verify that the files have been created, using the ls command.
Step 2: Zip and encrypt the text files.
Next, we will create several encrypted zipped files using varying password
lengths. To do so, all three text files will be encrypted using the zip utility.
a. Create an encrypted zip file called file-1.zip containing the three text files
using the following command:
[analyst@secOps Zip-Files]$ zip –e file-1.zip sample*
b. When prompted for a password, enter a one-character password of your
choice. In the example, the letter B was entered. Enter the same letter when
prompted to verify.
This study source was downloaded by 100000899194722 from CourseHero.com on 05-30-2025 16:55:16 GMT -05:00
https://www.coursehero.com/file/230448896/Objectivespdf/