Brute Forcing 16~23 Character Password?

Discussion in 'Computer Programming, Emulation, and Game Modding' started by jonthedit, Nov 10, 2015.

  1. jonthedit

    jonthedit GBAtemp Advanced Maniac

    May 30, 2011
    *this RAR file is intended to be cracked, full permission granted

    I am tasked to crack a password [from a .RAR (not RAR5, this is an older rar format) RAR 3.0 Protection (2^128) that is 16 characters minimum, with it potentially being as long as 23 characters.

    Now I know what you are thinking.
    "DICTIONARY ATTACK!!" - Not applicable in the case, I was informed a dictionary attack will not help, even using some of the terabyte-sized lists.
    "TIMETIMETIME! You will be dead before you get the password!" - If the above was all I had to work with, then I agree!

    Here is the catch:
    Only the following characters are possibly used in the password
    acdehimnprsty ACDEHIMNPRSTY 3$*
    ^ caps and lowercase are the same letters, only numbers and symbols are '3' '$' and '*'
    Suddenly the challenge is more possible, but its not enough.
    So, we are given the first 8 characters of the password, however the second letter is an 's' and may be replaced with 's' 'S' or '$'. - Which makes this a bit more challenging.

    I have already looked into some software solutions like "RAR Password Unlocker" (this program supports Brute-force with Mask Attack, which is great) however, it is limited to a maximum of 16 characters.

    Where can I start with this, and what software [paid is fine] could possibly crack the above within the requirements?

    I found the freeware RAR Password Cracker, and it seems like a usable solution. Giving it a try. RAR 3.0 protection is the biggest issue, since it limits machines to less than 100 passwords per second.
    Last edited by jonthedit, Nov 10, 2015
  2. spoonm

    spoonm Can count to 3.

    May 20, 2015
    Have you tried cRARk? I never used it myself, but it popped up after a quick lookup on google. On the FAQ, it says it is limited to 28 characters. He also states "you don't need the source. Take UnRAR's sources and optimize the SetCryptKeys() function, next contact me.", so you could mess with that, I guess.

    You can get the tarball containing source code for UnRAR here.

    By the way, it still sounds pretty undoable. 29 possible states for 16-23 characters, 7 of which you know for sure, 1 has 3 possible states, 8-15 characters still on the 29 possible states situation. So, I might be doing the wrong maths, most likely, but...

    P here would be the number of possibilities you have for the password, with the given info. That's a lot, and at 100 tries/second, it'd take you(and again, I might be doing the wrong maths) just shy of 476 years to finish testing the possibilities for 16-digit passwords.

    I don't think you can work with 100 tries/second, and I'm sorry I can't give you any more advice. I'm new to this. :/