Description
Hi there! I wanted to see if it was possible to crack the password for an old zip archive (ZipCrypto deflate) containing a single large mp4 file. I have tried using brute force through johntheripper but it took too long since the password seems to be a long string and the person who created the password has long forgotten it.
I realize that doing a plaintext attack on a file with deflate compression is difficult since we cannot just compress the mp4 header as plaintext.
However, the key here is that I have multiple other single mp4 zip files from the same person that are all deflate compressed in the exact same way but are NOT encrypted. Because of this, I was able to extract those files and open them in notepad++ to figure out that the mp4 video uses this file type box.
Hexadecimal:
00000018667479706d7034320000000069736f6d6d703432
ASCII
....ftypmp42....isommp42
So then in hopes of getting some plaintext to work with, I tried opening these unencrypted compressed files in notepad++ as well, but it extracts the file first and then opens up the uncompressed file in notepad++ and now I'm quite lost as I'm still somewhat new to all of this 5003 . How can I use the data from those other unencrypted deflate compressed zip files in order to find some sort of pattern that could potentially help me do a plaintext attack on the encrypted file?
EDIT: After playing around with the other files more, I was able to match the exact deflate compression. The method used for the deflate is when you right click a file -> 7-zip -> add to archive.zip
I still don't know how to translate this information into usable plaintext however.