1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Anyone Know How To Remove RAR Password?

Discussion in 'BlackHat Lounge' started by gimme4free, May 12, 2009.

  1. gimme4free

    gimme4free Executive VIP Jr. VIP Premium Member

    Joined:
    Oct 22, 2008
    Messages:
    1,879
    Likes Received:
    1,932
    It took me 5 minutes to get through the DL Guard protection on a product only to unzip it and find yet another password protected ZIP and readme asking to send payment details to get the password.

    The product is $1000 so I'd much rather just crack the password on the RAR lol.

    Anyone have any ideas other than a bruteforcer?

    If a bruteforcer is the only option could someone recommend a good one?
     
  2. q3ick

    q3ick Regular Member

    Joined:
    Oct 27, 2008
    Messages:
    414
    Likes Received:
    115
    Occupation:
    Full Time Student -- Working On My Masters In Busi
    Location:
    Places
    Home Page:
    • Thanks Thanks x 1
  3. dragon77

    dragon77 Power Member

    Joined:
    Jan 18, 2009
    Messages:
    576
    Likes Received:
    685
    Occupation:
    Increasing 5 Figures to 6 Figures
    Location:
    BHW-Gold Mine
    if i meet password protected zip, i'll just delete it. Since mostly are fake files. If they really want to share the real files, they won't password it. It's really not worth the effort of spending hours CPU performance to find out fake files except you know that files will be real deal.
     
  4. q3ick

    q3ick Regular Member

    Joined:
    Oct 27, 2008
    Messages:
    414
    Likes Received:
    115
    Occupation:
    Full Time Student -- Working On My Masters In Busi
    Location:
    Places
    Home Page:
    gimme4free

    This looks a little more promising designed specifically for .rar

    http://www.rarpasswordcracker.com/

    As Brutus can be quite confusing to set up if you don't know what your doing.
     
  5. gimme4free

    gimme4free Executive VIP Jr. VIP Premium Member

    Joined:
    Oct 22, 2008
    Messages:
    1,879
    Likes Received:
    1,932
    Damn, bruteforce/dictionary is just like pissing in the dark. I've got a 5 million password list running through it at the moment, doubt its one of them though :(
     
  6. syonxu

    syonxu Newbie

    Joined:
    Oct 17, 2011
    Messages:
    4
    Likes Received:
    0
    Actually opening password protected rar file without knowing the password is not difficult, all we need is RAR Password Decryption. RAR Password Decryption 3.0 released by Daossoft is very popular nowadays, This product has a user-friendly performance.

    RAR Password Decryption 3.0 recovers passwords for RAR archives created in WinRAR, RAR or any other RAR-compatible software. Forgetting a password for an archive created long time ago is a common annoyance. RAR Password Decryption helps you to get your data back. Advanced dictionary attack, brute-force attack, and advanced brute-force with mask attack are used to recover the password. This software is easy to install and easy to use. All you need to do to recover your password is just to drag and drop your file to the program window. Dictionary attack supports 'mistypes' and additional user dictionaries.
    It is very easy to use, just 3 steps you can open your password protected RAR file without the password.
    1. Open the rar file in RAR Password Decryption 3.0.
    2. Select an Attack type(Brute-force Attack, Brute-force whth Mask Attack,Dictionary Attack)
    3. Click Start and Sometime later, it will display the password.
     
  7. Black.Star

    Black.Star Junior Member

    Joined:
    Oct 4, 2011
    Messages:
    185
    Likes Received:
    1,028
    Occupation:
    IT security specialist
    Location:
    Europe
    Uhm... You know that we are talking about .rar files here... So don´t talk stupid stuff about things you don´t know anything about (like encryption).
    They are safe. Brutforcing a .rar file is like... Well you will fail 99,9%.

    There are two scenarios for a brutforce attack if you still want to "crack" the encryption.

    1. The password is short with a maximum of 6-7 numbers and letters. If you want to attack that kind of passwords you will attack the password and not the key. Will still take some time. (not sure how long. But should not take more then a few hours. (not sure))

    2. The password is more then 7 signs long. The only thing you can do here is to bruteforce directly with using all possible 128 bit keys. Average success rate for a home PC: zero

    Fazit: As long as you don´t know the key. You will fail.

    Just a bit basic password bruteforce informations for you:

    Our example System is a pretty good home PC and is able to bruteforce with:
    2096204400 (Keys/sec)

    Now we have a 10 signs long password with big and small letters aswell as numbers.
    So we have a total amount of 62 signs possible for the password.

    Here is the math:
    62^10 = 62 * 62 * 62 * 62* 62 * 62 * 62 * 62 * 62 * 62 = 839299365868340200
    839299365868340200:2096204400 = 400390041 seconds = 12.70 years

    If we have a 15 signs long password we would already need 11631483455.6 years.

    Some people think bruteforce is some kind of mighty hacking skill and with the tools you can crack the whole world. Basically you can. Practically. Well if you live so long... Do what you want.

    So please shut up with all your .rar crack tools and with all your childish thought about bruteforcing. It is simple math. Nothing more nothing less.

    Luckily the password length for .rar files doesn´t really matter when it is really long because you have limited amount of 128 bit keys. So a short and a really long password basically share their keys. And when you crack a decryption you will most of the time try to find out the key with a bruteforce attack. But 128 bit encryption are still really safe to use and nearly impossible for normal people with normal ressources to crack.


    Greetings,

    Black.Star


    Edit:

    Really sorry for bumping this thread. Didn´t saw the date of the first post. Just the post of the retard above me... -.-
     
    Last edited: Oct 17, 2011
  8. antrysmorus

    antrysmorus Newbie

    Joined:
    Oct 24, 2011
    Messages:
    0
    Likes Received:
    0
    RAR Password Recovery 5.0 recovers passwords for RAR archives created with WinRAR, RAR or any other RAR-compatible software. Forgetting a password for an archive created long time ago is a common annoyance. RAR Password Recovery helps you to get your data back. Advanced dictionary attack, brute-force attack, and advanced brute-force with mask attack are used to recover the password. This software is easy to install and easy to use. All you need to do to recover your password is just to drag and drop your file to the program window. Dictionary attack supports 'mistypes' and additional user dictionaries.
    Sorce from: recoverlostpassword