Hello, friends! In the last article, we figured out how to put a password on a folder and came to the conclusion that the easiest way is to make a password-protected archive from this folder and delete the original. This way, your data will be password protected and no one can simply view your information. This is a convenient thing and I use it myself sometimes. But you can forget the password for your archives. This is not uncommon, which is why hacking programs are so popular. In this article we will look at how to hack an archive with a forgotten password. We will analyze it using the example of the free utility crark.
Introduction
Is it possible to hack an archive? If this archive is yours and you have at least a little idea of what you could have written in the password, then yes. If the archive is someone else’s, and it has a strong password consisting of 8+ characters including English and Russian letters, changing case + numbers + special characters, then no. Why not? Because archivers now encrypt archives correctly, unlike earlier versions, in which holes were found over time that made it possible to guess the archive password quickly. Today this will not work and you will have to use an exhaustive search over all characters.
To quickly search, you need a fairly powerful computer. The more powerful the better. This means a modern processor and a video card or several video cards. Modern password guessing programs successfully use the computing power of graphics adapters, so if you have a modern and powerful video card, you can guess the password much faster. Below is a table where you can see the approximate time it takes to crack the archive password. The guessing speed was approximately 250 passwords per second for my Core i3 3225 processor. The time depends on the number of options. The latter, in turn, depend on the number of characters in the set and the number of characters in the password. If our password consists of only numbers and has 3 characters, then the number of options will be 10x10x10=1000 since we have a complete search.
From the table you can see that with an increase in the number of password characters by 1, the calculation time increases by a factor of 10 to 100. This is on one processor. If you add a video card to this, you can reduce the average time by 10 times. It all depends on the power of the video card. All of the above serves one purpose: so that you realize the time it takes to find someone else's good password and, in turn, make good passwords yourself.
The most popular archivers in the Windows environment are arj, rar and zip, with the last two being the most used. What might be the reasons for using archivers? In general, there are two main ones. The first is the desire to reduce the amount of data that we are going to store for a long time or send over the network. Many others use archivers to store encrypted data, that is, to hide valuable information from prying eyes. Two problems immediately emerge. First, the data is encrypted using a password, and the password can be forgotten, which is often what happens. And even if you are the creator of the archive, you still cannot open it without a password. Second, the person who created the encrypted archive almost always believes in the reliability of the system, otherwise he would not have created it. So let's find out how reliable the system is.
Archives like rar and winrar use a very strong encryption algorithm, so only one of the methods listed above can be applied to them.
To do this, you can use the Advanced RAR Password Recovery (ARPR) program. You can download the demo version or buy the full version here https://www.passwords.ru/arpr.html. What can the program do? Everything is within reason. The program has a beautiful design and supports English and Russian interface. All compression methods available in RAR are supported, including self-extracting archives (SFX). It is possible to specify your own character set for brute force passwords (Russian character set is also supported), it is possible to brute force passwords using a dictionary, and you can also set a mask for brute force. The password search process can be stopped at any second, and then continued from the same place even after exiting the program. What are the disadvantages? In general, there is only one minus: the program is paid, but if you dig deeper on the internet, you can find it for free.
cRARk 2.3 is one of the most powerful and fastest rar password crackers (for archives of version 2.0 or higher) from Pavel Semyanov. The program works great both under DOS and Win32. It supports solid archives, SFX archives, long file names, and a built-in Password Cracking Library (PCL) with multilingual dictionaries and functions for cracking a partially known password. The program is well documented (in Russian) and is supplied with a “sample” password-protected archive with a ready-made hacked configuration. The latest versions of cRARk have added support for “stored” files (-m0) and a 2-fold optimization in speed on P-Pro / P-II processors (auto-detection of the processor type is also provided). In addition, a cRARk executable file for Linux (ELF) has appeared. You can download the program here https://www.password-crackers.com/crack.html.
RAR Password Cracker is a console utility for recovering lost passwords from RAR 2.x archives. Selects by trying all possible combinations of characters and/or using passwords from a list. It can save the current state of operation, which increases reliability and ease of use, and also, with skillful configuration, allows you to parallelize the search process. Can write probable passwords to a file. Works also under OS/2. The program is available here https://www.rarpasswordcracker.com/.
RARBreak II is another RAR archive password cracker (at least version 2.0) by Alexander A. Bouroff. Runs under DOS4GW. To crack a password using RARBreak, you will need to find an unpacked file identical to one of the files contained in the password-protected archive. There is Russian documentation and a test example of the archive. ftp://ftp.elf.stuba.sk/pub/pc/pack/rarbrk2.zip
RARCrack 1.02b - Rar-archive password cracker - A relatively new program for cracking passwords in RAR archives by Vlad Vasyagin. For it to work, you need the standard unpacker UnRar.exe. There are a couple of command line options (although not all of them work yet). The utility comes complete with a test password-protected archive, several character dictionaries and a document in Russian. https://arctest.narod.ru/filez/rar-crac.rar
RAR Password Search 1.02 is a not yet outdated German program for cracking passwords in RAR archives by DRK-Soft, which requires the standard UnRar.exe unpacker to work. In addition to brute force using the characters specified in the configuration, it allows you to select a password using a dictionary (though in reality everything happens the other way around - first, matches are checked in the dictionary, and then brute force). You can stop hacking at any second (by pressing ESC) and save the current state of the search by answering the question with the letter “J” (in the sense of “Ja” - a non-technical program). And when you want, you can run the program again with the option to restore work “from the middle.” The utility comes complete with a ready-made configuration file, a small dictionary and documentation in German.
From the above, it is obvious that finding a password for a rar archive is not an easy task, and if a person tries hard to invent a password, the task can turn out to be very difficult.
Advanced ZIP Password Recovery (AZPR) is a program for recovering forgotten passwords for archives created by ZIP and WinZIP archivers. The program allows you to select passwords for archives using direct brute force or a dictionary attack. AZPR has the world's fastest search module, optimized for Pentium III and Pentium IV processors. The program has an English and Russian interface and supports archives containing any number of files. Supports all compression methods available in ZIP. In all other respects it is no different from a similar program for rar.
FZC (Fast Zip Password Cracker) is a fairly new, developing Zip password cracker by Fernando Papa Budzyn. There is version 1.05 for DOS with a couple of bugs, released more than a year ago, a fresh, untested, but seemingly bug-fixed DOS version 1.05b, plus a semi-reworked Windows version of the cracker - FZC 1.06 - was released not so long ago. The operating speed is, in general, quite good (about 38,000 passwords per second on the P166MMX). Provides: password search using brute force method, dictionary attack, recovery of partially known password; performance testing function, ability to work with broken, trimmed, multi-volume archives. The ability to divide the hacking process into “parts”, performing it on several computers. Several hacking modes, optimized for different CPU/Cache/MB sets. Ability to stop/resume the hacking process at any time. There are actually a lot of options! The program and sources can be downloaded from the website https://www.netgate.com.uy/~fpapa/.
FCrackZip is a fairly new, freely developed console password cracker for Zip archives (and, more recently, password-protected PPM images), originally written for Linux. According to the author, Marc Lehmann, it is a very fast program in its class, which is generally confirmed by tests (about 400,000 passwords per second (4000 if one file) on the P166-MMX). Many useful options are provided, and it supports hacking multiple archives at the same time. Unfortunately, the latest version of this program available on the website for DOS has an earlier version than for xNIX, namely 0.0.4. This version is not so fast, so we'll wait. Starting from version 0.2, the program allows you to find out the password for PPM images using brute force. By the way, as far as I know, this is so far the only program that allows you to “break” encrypted Pegasus-format images. https://www.goof.com/pcg/marc/fcrackzip.html
PKZCheck (PKZIP Password Checker) - a small zip password checker by Mercury Soft Technology Ltd. Why not a cracker? Because this utility only allows you to check whether any password from a text dictionary file, in which you can write down the expected passwords, is suitable for the archive being tested. If one of the words matches, the program reports the appropriate password; if not, it reports nothing.
UZPC (Ultra Zip Password Cracker) is a cool compact Zip password cracker from Ivan Golubev with a graphical interface and excellent operating speed optimized for modern processors (brute force - about 1,500,000 passwords per minute on a K-6-300 MHz system when working with an archive containing more than three files). Search for a password using a brute force method (with the ability to limit the number and set of characters), dictionary attack (with a choice of method for modifying test passwords), mixed attack (dictionary plus brute force). The ability to unpack all password-protected archive files if you have one of the files from this archive on your disk (known plaintext attack). Ability to stop/resume the hacking process at any time (there are also options for auto-saving state). Supports multiple languages in the program interface, adjusting work priority, minimizing the System Tray icon. ftp://ftp.golubev.com/uzpc.zip
VZPRP (Visual Zip Password Recovery Processor) is a good GUI Zip password breaker by ForthTech Software. It has a good search speed, which reaches 1,200,000 passwords per second on PII 366. The program’s features are:
- support for searching for passwords in SFX archives (EXE) and in archive headers (that is, the entire archive is not needed: most of it can be cut off in the copy being cracked, so that no one guesses...);
- the ability to work in the background, adjusting the priority and minimizing the program window to the tray;
- the ability to check passwords manually;
- the possibility of simultaneous hacking on several computers;
- heuristic analysis that reduces the time of searching for a password in 50-70% of files;
- the ability to stop the search and continue it (even after exiting the program) from the last “position”;
- a good graphical interface, functions for viewing statistics, operating speed, etc.;
- the ability for the user to specify the password length, character set (including non-English ones), etc.;
- almost equally high search speed for any number of files in the archive (for most crackers the speed drops sharply when working with archives containing fewer than three files);
- many attack methods (simple brute force, using a dictionary, using a template, brute force over spelling errors, password recovery if you have one of the archive files on your disk).
The program comes with: detailed HTML documentation, a test password-protected archive, a dictionary of 450,000 English words, ready-made character sets.
In the latest version, the speed of simple search has been increased by 10%, it has become possible to set a higher processor priority for the program, the user interface has been improved, and bugs have been fixed. https://www.zipcure.com/
Advanced ARJ Password Recovery allows you to access a password-protected archive without a password. It uses two different methods, which allows it to get pretty good results. Of course, the speed of Advanced ARJ Password Recovery could be faster, but this program still remains the best utility today for guessing passwords for arj archives.
And finally, I’ll talk about Advanced Archive Password Recovery (ARCHPR). This is a program for recovering forgotten passwords for ZIP (PKZIP, WinZIP), ARJ/WinARJ, RAR/WinRAR and ACE/WinACE archives. The program combines all the capabilities of Advanced ZIP Password Recovery, Advanced ARJ Password Recovery, Advanced ACE Password Recovery and Advanced RAR Password Recovery. In addition to these features, ARCHPR can guarantee the restoration of the contents of WinZIP archives if they contain more than five files. The program has the same characteristics as all programs developed by ElcomSoft Co.
What conclusions arise? Modern archives have high cryptographic strength, but this does not provide a 100% guarantee if you use weak passwords. Use long, uncommon passwords. And most importantly, do not forget them, otherwise no one will help you. Let's assume that your password consists of 5 characters and each character can be an English uppercase or lowercase letter, or a number. Then each character can be any of 64. Therefore, the number of all possible combinations is 64 to the power of 5, that is, 1073741824. The FCrackZip program has a brute force speed of 400,000 passwords per second. This means that all the passwords from our example can be tried with it in approximately 45 minutes. And if the password consists of 6 characters, then all combinations can be tried in 47 hours. It’s scary to even think how long it will take to crack a 15-character password. And if at the same time we increase the number of possible values per character, for example, to 255, then it is difficult even to imagine a figure expressing the number of years needed for the search. Choose passwords that are as long as possible and as illogical as possible. And don't forget them!
Download and unpack the utility for hacking archives
Go to the official website of the crark program, https://www.crark.net/, and choose the version either for the RAR or for the 7-zip archiver. RAR is probably more common, so let's download the version for it. If you have a video card and want to use it, then go down a little further to the cRARk download section and select the recommended version for NVIDIA GPU or AMD GPU. Pay attention to the driver recommendations. It is recommended to install the latest drivers.
The Crark utility has been downloaded.
You can read how to open a RAR archive here. When unpacking the archive, a window will appear asking for a password.
Downloaded and unpacked. Let's move on to the settings.
RAR archive password strength
In the world of IT technologies, there are many utilities that can crack password protection, using complex algorithms and key brute force methods. Therefore, try to enter a complex password, this will largely eliminate the danger of guessing it.
Absolute protection, in general, does not exist, but from a huge number of overly curious people, this method of protecting archives is quite effective and not at all bad.
Setting up crark
We will do everything according to the instructions - readme.rus.txt.
1. If we have Windows 7, it is recommended to run driver-timeout.reg and add information to the registry. We have Windows 8, so we’ll run it the same way. When asked to confirm, click Yes. A message then appears saying that the data has been successfully entered. Click OK.
2. Reboot the computer
3. Find the file russian.def and rename it to password.def
4. Open and study the password.def file. If you are asked what to open the file in, choose any text editor. A notepad will do.
In this file, you need to configure password selection rules and set them after the line containing ##. Some of them are already given there as an example. You need to derive your own from these examples.
The # sign means that the line is commented out. That is, the actions described in it will not be performed.
By default, the line $a * is already open there. This means that the password to the archive will be selected using small English letters. If you need to iterate over small and capital letters, then you need to specify the following construction [$a $A] *
As I understand it, if you also have numbers in your password, the construction will be [$a $A $1] *
If special characters may also be present, then [$a $A $1 $!] *
Thus, we comment out everything unnecessary with the # icon, and leave what we need and customize it for ourselves.
If you remember part of the password, then enter a construction similar to Pass $1 $1 - this way only the last two digits will be calculated, which will significantly speed up the search.
After all the settings, save the file password.def
5. It is necessary to copy the password-protected archive to the crark folder (the one in which we unzipped the downloaded archive cracker) to make it easier to launch.
Now that the setup of the crark program is complete, let’s proceed directly to hacking the archive.
Basic types of attacks
The main types of attacks include the following:
- Dictionary attack. This method is suitable if the forgotten password for the RAR archive was short and meaningful (for example: a significant word or personal information about yourself or loved ones). In 80% of cases, the password can be guessed by a dictionary containing up to 1000 words. The utility by default contains 3 dictionaries in Russian, German and English. It is possible to connect other dictionaries through the “Settings” section.
- Plaintext. This is a variant of cryptanalysis in which the user has access to fragments of ciphertext or files from an encrypted archive. It allows you to reliably decrypt a password regardless of its level of complexity.
- "Password from keys" attack. This is an effective method for recovering a password longer than 10 characters if you have the encryption key before the attack. This is what can most often be found in recommendations on how to open an archive if the user has forgotten its password.
- Search by mask. This method is only suitable if the length of the code or its individual part is known.
Selecting the code from the archive will take some time. The Advanced Archive Password Recovery utility is an effective software that allows you to recover the most complex passwords or remove protection.
Hack the archive
Let's take advantage
.
Unpack the downloaded archive.
Launch cRARk GUI.exe. If a confirmation window appears, click Launch.
The cRARk graphical interface starts. Specify the folder in which crark was unpacked; for me it is crark50 on the Desktop.
Expand the drop-down menu in the Password Definition File field and select password.def, the file with a description of passwords that we configured in the previous section.
Then set the path to the archive with a password.
Click Start. To make it faster, I made the password easy - 3 digits. Click OK.
If we are dealing with an encrypted archive, then in the graphical interface
.
To receive an encrypted archive, you need to set the password when setting
. This should be described in the article on how to put a password on a folder.
If you have any questions, please leave them in the comments.
Method 2. Hack Windows 7/8/10 password using Hiren Boot CD
Step 1: Before you start hacking Windows using Hiren's boot CD, burn this file to your boot disk.
Step 2: Insert this disk into your locked Windows computer and set it to boot from this disk.
Step 3. When Hiren's CD menu appears, you need to select “Offline NT/2000/XP/Vista/7 Password Changer” and press “Enter”.
Step 4. When prompted to start downloading, press “Enter” to crack the Windows administrator password.
Step 5. On the screen, after you see all the possible partitions of your computer, select the partition where Windows is installed. Press “Enter”.
Step 6: You will now be asked to confirm the registry path. Just press “Enter”, by default the registry path will be correct.
Step 7. Moving to the next level of how to hack Windows login password, select the default option “Password reset” and press “Enter”.
Step 8. Select the default option “Edit user data and passwords” and press “Enter”.
Step 9: Enter the username whose password you want to crack.
Step 10: Type 1 and press Enter. This will start the process to crack your Windows password using Hiren's BootCD.
Step 11: At this point, enter “!” and press Enter to close the User Editor menu.
Step 12. Key in "q" to exit the main interactive menu.
Step 13: Now enter “y” to save the password hack changes.
Step 14. You have successfully completed cracking the administrator password on Windows. Remove Hiren's BootCD and press the “Ctrl+Alt+Del” keys simultaneously to reboot.
Hacking a paid archive
Different file storage services want to take money from us in different ways. For some, these are Gold accounts; for others, these are self-extracting archives that require sending an SMS for unpacking. This method is intended just for the latest archives.
- open the archive in any HEX editor (for example https://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm#download)
- We are looking for two mentions of these characters “; [email protected] @!;" - without quotes
- We look for byte 0A after the second mention and from the beginning of the file to this byte 0A we delete everything
- Save the changes and rename the file to the desired extension (depending on what you downloaded, music - MP3, video - avi or mkv, and so on)
All! Let's try to open the file.
I will say right away that I have not yet been able to use this method. Therefore, I will be grateful if you write about the results in the comments. Or you can send the archive by mail, I’ll try it myself and write back.
Hacking options
Let me start by saying that this is not very easy to do, because otherwise creating passwords would simply be a useless exercise. There are several ways. Only you can decide which one to choose, so now we will look at the instructions for each.
The password is a combination of certain characters. It is worth trying the combination selection method, but it will take a lot of time. What if not only numbers, but also other symbols were used in the compilation? Then the chances are reduced to zero. It is necessary to use the appropriate option, it is different for each case. To determine the hacking method, you need to find out what system is installed on the gadget. Users mainly work with Android as well as iOS.