利用 Python 破解 ZIP 压缩文件密码：基于字典与暴力破解的多线程实现—

本文链接：https://blog.csdn.net/naozibuok/article/details/147871548

rockyou.txt下载地址：
https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt

"dictionary" 模式（字典攻击）：使用一个预定义的密码列表（即“字典”）逐一尝试解压 ZIP 文件，直到找到正确密码或尝试完所有密码。
"brute" 模式（暴力破解）：程序会根据指定的字符集（如数字、字母）和长度范围，生成所有可能的组合，并一一尝试。
程序会自动先字典后暴力。

请手动调整
MIN_LEN = 4
MAX_LEN = 6
以节省时间。

import pyzipper
import itertools
import string
import threading
from tqdm import tqdm
import os

# === 配置项 ===
THREADS = 8
ZIP_PATH = "2026考研数学660（数学一二三）.zip"
MODE = "dictionary"  # "dictionary" or "brute"
WORDLIST_PATH = "rockyou.txt"
CHARSET = string.digits
MIN_LEN = 4
MAX_LEN = 6
LOG_FILE = "crack_result.txt"

# === 全局标志 ===
found_flag = threading.Event()

def try_password(zip_path, password):
    try:
        with pyzipper.AESZipFile(zip_path) as zf:
            zf.extractall(pwd=password.encode('utf-8'))
        if not found_flag.is_set():
            print(f"[✓] 破解成功！密码是：{password}")
            with open(LOG_FILE, 'w') as f:
                f.write(password)
            found_flag.set()
        return True
    except (RuntimeError, pyzipper.BadZipFile, Exception):
        return False

def dictionary_crack(zip_path):
    if not os.path.exists(WORDLIST_PATH):
        print(f"[!] 字典文件不存在：{WORDLIST_PATH}，自动切换到暴力破解模式")
        brute_force_crack(zip_path)
        return
    with open(WORDLIST_PATH, 'r', errors='ignore') as f:
        passwords = [line.strip() for line in f if line.strip()]
    for pwd in tqdm(passwords, desc="字典破解中", unit="pwd"):
        if found_flag.is_set():
            return
        try_password(zip_path, pwd)

def brute_force_crack(zip_path):
    def worker(length_range):
        for length in length_range:
            for combo in itertools.product(CHARSET, repeat=length):
                if found_flag.is_set():
                    return
                pwd = ''.join(combo)
                try_password(zip_path, pwd)

    ranges = []
    step = (MAX_LEN - MIN_LEN + 1) // THREADS
    for i in range(THREADS):
        start = MIN_LEN + i * step
        end = MIN_LEN + (i + 1) * step - 1
        if i == THREADS - 1:
            end = MAX_LEN
        ranges.append(range(start, end + 1))

    threads = []
    for r in ranges:
        t = threading.Thread(target=worker, args=(r,))
        t.start()
        threads.append(t)

    for t in threads:
        t.join()

def crack_zip(zip_path):
    if not os.path.exists(zip_path):
        print(f"[✗] 文件不存在：{zip_path}")
        return

    print(f"[•] 正在破解：{zip_path}")
    print(f"[•] 模式：{MODE}")

    if MODE == "dictionary":
        dictionary_crack(zip_path)
    elif MODE == "brute":
        brute_force_crack(zip_path)
    else:
        print("[!] 错误：未知模式")

    if not found_flag.is_set():
        print("[×] 破解失败，密码未找到。")
    else:
        print(f"[✓] 密码已写入 {LOG_FILE}")

if __name__ == "__main__":
    crack_zip(ZIP_PATH)