How can I open password protected .rar file
Current time: 10-21-2018, 07:24 PM
Users browsing this thread: 1 Guest(s)
Author: ska51
Last Post: ska51
Replies 5
Views 2812

[Request] How can I open password protected .rar file
#1
Dear respected members of CivilEA,

Greetings!!!!

Could anyone of you please help me to extract a password protected .rar file, for which I dont know the password? If you know the way of doing it, please let me know via my PM.

It would be a great help for me. Thanks in advance for your efforts.

Regards
ska51
"Downstream is Weaker"
Reply
#2
Hi Ska51,

To date there seems to be no cracking method which can retrieve a RAR password directly. I'm afraid you may have to resort to the brute-force (i.e. time consuming) method. There are many brute-force programs available out there, as I'm sure you are aware of.

There is a ray of hope, however. Also out there are text files of already-used passwords which the password program tries first, which can dramatically cut down the trial/error time.

Regards
[-] The following 5 users say Thank You to psppsp for this post:
  • ska51, Diquan, LiviuM, Grunf, david-smith
Reply
#3
Dear Ska51,

Brute force, dictionary

Advanced Archive Password Recovery
***************************************
Content of this section is hidden, You must be registered and activate your account to see this content. See this link to read how you can remove this limitation:

http://forum.civilea.com/thread-27464.html
***************************************


Accent RAR Password Recovery (this one uses the GPU)
***************************************
Content of this section is hidden, You must be registered and activate your account to see this content. See this link to read how you can remove this limitation:

http://forum.civilea.com/thread-27464.html
***************************************

***************************************
Content of this section is hidden, You must be registered and activate your account to see this content. See this link to read how you can remove this limitation:

http://forum.civilea.com/thread-27464.html
***************************************


Parallel Password Recovery (RAR module) v 2.0 (this one uses the GPU)
***************************************
Content of this section is hidden, You must be registered and activate your account to see this content. See this link to read how you can remove this limitation:

http://forum.civilea.com/thread-27464.html
***************************************


RAR Password Cracker
***************************************
Content of this section is hidden, You must be registered and activate your account to see this content. See this link to read how you can remove this limitation:

http://forum.civilea.com/thread-27464.html
***************************************

RAR Password Unlocker
***************************************
Content of this section is hidden, You must be registered and activate your account to see this content. See this link to read how you can remove this limitation:

http://forum.civilea.com/thread-27464.html
***************************************


The time spent to recover the pass depends on the length and number of symbols of the password. And the computing power.

the formula for the number of passwords is like [number of symbols]^[password length]
e.g.
number of symbols = only numbers 0..9 = 10, password length = 4, leads to
10^4=10,000 passwords
but if we add low caps letters a..z=26 and numbers 0..9 =10, leads to 36 symbols so
36^4=1,679,616 passwords
and if we add high caps A..Z=26 leads to 62 symbols so
62^4=14,776,336 passwords
your user name ska51, 36^5 is part of 60,466,176 possible passwords

Regards
[-] The following 7 users say Thank You to LiviuM for this post:
  • 3fan, ska51, Grunf, kowheng, shadabg, Dell_Brett, david-smith
Reply
#4
There's more to say:

Brute force, dictionary attacks means to try passwords until the exact matching password is found.
Any of the password finding software above should be tested (benchmarked) before used, don't trust it's statistics. Start a chronometer and compare time spent and the number of checked passwords.
The criteria should be: tried passwords/second.
The average performance on cpu is about 700 pass/sec. It depends if it's using all cores.
For 60,466,176 possible combinations it takes about 60,466,176/(700*3600)=24 hours to check all passwords.

If the length of the password is unknown one should compute combinations like this
10^4+10^3+10^2+10=11110 possible passwords
(0000..9999 + 000...999 + 00..99 + 0..9)

This is another software with gpu acceleration see the comparison for winrar
***************************************
Content of this section is hidden, You must be registered and activate your account to see this content. See this link to read how you can remove this limitation:

http://forum.civilea.com/thread-27464.html
***************************************


Some dictionary
***************************************
Content of this section is hidden, You must be registered and activate your account to see this content. See this link to read how you can remove this limitation:

http://forum.civilea.com/thread-27464.html
***************************************


This is one of the passwords used here by me: 2uFromCivilEA++
it's length= 15
it's symbols: numbers+letters both caps+special characters=> 10+26+26+32=94
94^15=3.95*10^29
3.95*10^29/700/3600/24/360~1.82*10^19 years

Winrar allows for Unicode passwords, if used there's almost no chance in breaking even a short password.

As a conclusion for long passwords and many symbols there's no chance to break them by basic brute force in useful time.

The dictionary attack should be the first choice. It should be carefully created by analyzing all available data regarding the person that compressed the file. If you have access to other passwords of that person and you can find a pattern chances could increase.

For good dictionary files or generators I don't have reference. Maybe some nice user will provide links, info.

Regards
[-] The following 1 user says Thank You to LiviuM for this post:
  • kowheng
Reply
#5
I stopped to try a long time ago after trying many programs because almost all the passwords i saw are long passwords, combining different symbols - digits, small characters, uppercase characters, special characters and i can't spend years for searching a password. The dictionaries are not better.

I spent some time (i don't know why because i don't need others WIFI but i hacked about 50 last two months) by breaking my neighbors WIFI paswords. Hacking WEP is a piece of cake but for WPA (today the most used) even if anyone can find dictionaries and rainbow tables everywhere the only dictionaries i can use are my self builded dictionaries around cellular numbers (a half of router owners use the cellular number as password at least my neighbors). The last and fast method is for WPS enabled routers but for RAR files no one can find such weakness so don't waste your time. If you want to buid dictionaries use Kristanix Password Generator Pro (i tryed a lot but this one is better).
[-] The following 3 users say Thank You to BennyP for this post:
  • LiviuM, 3fan, ska51
Reply
#6
Dear members,

Thanks for all of your nice comments and expertise suggestions. There is a saying that if you don't face problem, you are not going to learn about it. It is true for my case also. I tried with different win rar password recovery software, but failed and really, it is very difficult to break the protection of winrar protected file.

But sometimes the big problems will give you some rewards at the same time. It actually happened to me as well. During surfing through net and by your advice, I came to know that there is another alternative way of finding password. For example to search through google, if it uploaded anywhere and it actually happened to me. I found a site where the similar winrar file was uploaded and a password was there. I just tried and was successful. Now, it is over and I am happy with the file.

Last but not least, the moral is we should not go for recovery of winrar password protected file, unless we know the length of the password. It is very important when we use some recovery software for this purpose. It seems to me the password recovery software is only useful for those case, when an user forget his/her password and want to recover it. But for a totally unknown password protected file, for which we dont know the exact length and type of password, the software just simply takes long time without any sorts of fruitful results.

Thanks once again to all of you for your efforts to help me out for this problem.

Regards
ska51
"Downstream is Weaker"
[-] The following 2 users say Thank You to ska51 for this post:
  • albani, datagap
Reply




Users browsing this thread: 1 Guest(s)