Hey guys, I am a bit confused here ... making a script to brute force through a dictanary the password of a zip file and it seems to work fine except that it won't stop when the password is found. And when it prints the password it just prints the last one in the dictionary file

Here is my script

def attackZip(filename):

    zFile = zipfile.ZipFile(filename)
    passFile = open('dictionary.txt')

    for line in passFile.readlines():
        password = line.strip('\n')

        try:
            zFile.extractall(pwd=password)
            print '[+] Password = %s + \n' %(password) 
            exit(0)

        except Exception, e:
            pass

As an example if I have a zip with password "password" and then
dictionary file contains
monkey
123
password
321

I don't get anything printed back and if I try to return the password, it just returns the last word that was on the list '321' in the example above

Hmm, I just ran the script on Windows instead and it works, uh ?

Still makes no sense to me, when executed in Linux's terminal, I don't get the print being executed, it works just fine in IDLE on windows. confused

Did you create the text file on Windows? If so, it probably uses '\r\n' as the line ending, so after stripping the '\n', the passwords will end up as 'password\r' and thus not compare equal to 'password'.

That would explain why the problem does not occur in Windows as Python (like most languages) will automatically translate '\r\n' to '\n' when opening files in text mode on Windows (and only there).

If the dictionary file was created on windows, it may have windows-like end of lines. Try to open the dictionary file with mode 'rU' (universal newlines).

Edited 1 Year Ago by Gribouillis

Oh wow ... that was actually the problem, can't believe I didn't think of it .. just copied the file while on Linux and it works as expected, Thank you guys

The first thing I do with editors on Windows is to set new lines to Linux Style. Wonder if there is a way to do this within Python code?

This question has already been answered. Start a new discussion instead.