Sign in to follow this  
Followers 0
cm0002

RAR dictionary attack software with high flexibility

7 posts in this topic

Hi,
I have a RAR file encrypted with a password that i have forgotten, now i know brute forcing would take a looong time so i want to do a dictionary attack because i know all the possible words in the password and i know that there's an "_" in place of spaces and only 2 special characters "@" and "!" at the end and a 3 digit number that i know as "123" just cant remember the order everything went in. However i can't seem to find any software that would allow this level of flexibility, do you guys know of any software that can give this kind of flexibility? I don't really care if its free or 100$ as long as it works
thanks in advance

Share this post


Link to post
Share on other sites
[quote name='cm0002' timestamp='1337122545' post='361036']
Hi,
I have a RAR file encrypted with a password that i have forgotten, now i know brute forcing would take a looong time so i want to do a dictionary attack because i know all the possible words in the password and i know that there's an "_" in place of spaces and only 2 special characters "@" and "!" at the end and a 3 digit number that i know as "123" just cant remember the order everything went in. However i can't seem to find any software that would allow this level of flexibility, do you guys know of any software that can give this kind of flexibility? I don't really care if its free or 100$ as long as it works
thanks in advance
[/quote]

This one:
http://www.elcomsoft.com/archpr.html

in second place i'd say this:
http://www.lostpassword.com/rar.htm

Share this post


Link to post
Share on other sites
OP: if you cannot find something that has the masking options you need, try JTR's advanced rule sets. While kinda complex, they provide a lot of flexibility. JTR can be put in a mode to just generate a custom word list from rules.

Share this post


Link to post
Share on other sites
i tried archpr but for some reason when i load the archive it freezes and crashes, probably because its over 4gb big. but i will try JTR next thanks

Share this post


Link to post
Share on other sites
[quote name='cm0002' timestamp='1337420117' post='361046']
i tried archpr but for some reason when i load the archive it freezes and crashes, probably because its over 4gb big. but i will try JTR next thanks
[/quote]

If you know the placement of certain characters (e.g. the 123 is at the end, or the password starts with "bob") you could always perform a hybrid attack and only bruteforce part of the password, this would save you tons of time. Sorry if that's what you guys already suggested, I haven't played with JTR too much lately, so I'm rather unaware of how it's advanced rules work.

Here's an explanation of how hybrid attacks work:
[url="http://mrcracker.com/2012/05/password-cracking-part-7-hybrid/"]This text here is a link[/url]

EDIT: Just so it is made known, I am the biggest hybrid attack fan boy there has probably ever been. Edited by TheFunk

Share this post


Link to post
Share on other sites
Look up cuda cracking, with passthru with crunch, purehate has a pdf online... I'm on my Droid I would give u a link...

You would needto figure out your crunch command... I'm sure purehate would help you put together the cmd with the description you just gave

edit, im not all that great with fancy linux commands, but here is basic example (password legth 4 to 5)

[code]./crunch 4 5 '@!_123asdfghjklqwertyuiopzxcvbnm'[/code]
if you know the password length this wont take that long Edited by I8igmac

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0