#1
|
|||
|
|||
Particular Case of RAR Password Cracking
Hi there,
I'm here to ask some advice for a particular case of RAR Password Cracking. I'm using ElcomSoft ARCHPR 4.54 for this purpose but the inner workings of the program are slowing down the process, or, at least, I don't know it it can be set properly for my case. The situation is the following: 1. I have many RAR archives, whose files are protected with a single password. (only the files are protected, the archive can be opened and I can see the contents, only extraction needs password) 2. I know the "philosophy" which was used to generate the passwords. They are all Latin Words, only the first letter is capital, no numbers, nothing else. 50% of the files contain a file which name contains this password. Another 25% of the files has a password which is not present in the files name but it is a common latin word. All the passwords are 2 to 8 character maximum. 3. At the moment, the first 50% of the files have been cracked manually and the second 25% of the passwords have been cracked with the auxilium of ARCHPR and the Dictionary attack with the whole list of Latin words. The problem is the following: A Latin word (actually it is not Latin but a language derived from Latin which uses conjugation), can have many forms and the dictionary attack only has the "base" form. (ex. base form: habere conjugted: habeo, habes, habet, habebus, habetis, habent) Since the "logic" behind the passwords is always the same, I suspect that the 25% of the non cracked passwords do use conjugated words that, of course, ARCHPR is unaware of since they are not present in the dictionary supplied. There is also a remote possibility that it might use proper people's name, like Jesus, Mary, Joseph and so on, but this is not an issue because with a bruteforce attack the meaning of a word is useless I am trying to figure out how to instruct ARCHPR to perform a brute-force attack based on these premises. The problem is that, with ARCHPR, if I specify A->Z and a->z, the software tries every possible combination. This arises 2 problem: 1. Out of feasability of cracking time. 2. A lot of wasted time, since only the first letter is capital, and the others are not, so we have that only the first letter is A->Z + a->z and the subsequent others are only a->z. So far, I have been unable to figure out a solution using ARCHPR... Do someone of you have a clue on how to do this thing, or can suggest other, more configurable software, to achieve this goal? Thankyou. Last edited by TmC; 03-03-2018 at 03:13. |
#2
|
|||
|
|||
1) Get a better dictionary - find a list of all conjugated forms of the language words you are dealing with somewhere out there.
2) Generate your own dictionary - find a list of base forms of the language, find an exhaustive list of possible suffixes, write a small program to combine all combinations. Really I don't think there are any tricks when you have such a specific situation beyond that you have already kind of guided this response. |
The Following User Says Thank You to chants For This Useful Post: | ||
tonyweb (03-03-2018) |
#3
|
||||
|
||||
1. just simple: ask password from owner you should have 50 % chance
2. passware 1.1 see https://rutracker.org/forum/viewtopic.php?t=5381706 or 4.0 https://dailyuploads.net/7a7g0uqj2xmh for that maybe someone share a good new serial for 2017.4.0 3. AccentRPR 3.5 build 3415 x64 http://sendfile.su/1287496 that works on windows 7 x64 P.S. here is not free databases: https://www.4shared.com/office/fqQqWxKPba/0all_about__dictionary_with_mo.html
__________________
Decode and Conquer Last edited by niculaita; 03-05-2018 at 06:07. |
#4
|
|||
|
|||
Use free tools, they are more flexible
First use rar2john from John The Cracker jumbo package to get the hashes. With the hashes listed in a file you can start cracking them with john or hashcat . In your case the "Wordlist + Rules" option is needed: c Capitalize the first letter and lower the rest Google for a good dictionary or use those from SecLists. More: Code:
https://hashcat.net/wiki/doku.php?id=rule_based_attack https://hashcat.net/wiki/doku.php?id=hashcat https://github.com/danielmiessler/SecLists/tree/master/Passwords Quote:
|
#5
|
|||
|
|||
thankyou everyone.
I'm going to study the situation and decide what is best based on your kind suggestions. I'll let you know what's going on. @niculaita: do you believe that if 1 was applicable, i'd have written that long paragraph on this forum? |
The Following User Says Thank You to TmC For This Useful Post: | ||
niculaita (03-04-2018) |
#6
|
|||
|
|||
Hi there:
using your help I've been able to find the password for another 20% file (3 proper names, the sons and daughters of the person who protected them). Now there is only left 5% (~50 files) and the program is still working...so there's the change that by tomorrow all the password will be found. Special thanks to chants who suggested to find a better dictionary. I found one (3.7 mb against 0,66 of the first) that as for now, was able to supply the password do open 2/3 of the files. I'll let you know when the entire thing will finish |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
How to develop an unpacker - The StarForce case | elephant | General Discussion | 2 | 04-13-2017 09:58 |
Cracking an Installshield Package Password | temprand | General Discussion | 4 | 09-02-2003 15:43 |