Linux Questions?

  • Thread starter RyuShinobi500
  • Start date
  • Views 870
  • Replies 2
R

RyuShinobi500

Guest
I am trying to bypass a password protected .rar file I have done extensive research on this topic and I was wondering what is the best way of going about this thanks
 

FAST6191

Techromancer
Editorial Team
Joined
Nov 21, 2005
Messages
36,798
Trophies
3
XP
28,411
Country
United Kingdom
Is this really something that wants to go under the banner of Linux questions? It is not related to Linux other than I guess you want to use a Linux based OS to do it (most tools do seem to be aimed at Windows mind you, to that end you might be better to suck it up and use (even a VM should not experience much penalty here on a modern computer) that unless you have access to a Linux cluster or something.

Anyway to the best of my knowledge there are no known failures in present incarnations of the rar format. Some of the older stuff might have but that is now going to be seriously vintage and unlikely to be anything you find today. I am not sure what we have for a known plaintext attack these days (if you know the contents of one of the files when decoded then you might be able to take the encrypted version, the plain version and go between the two).

Password cracking then usually amounts to extracting a small file from the archive (usually the aim is for something like a small text file, smaller then meaning less processing to do when testing many things on it which speeds things up vs extracting gigs and doing all the processing on it every time) and trying to decode that -- it knows the hash it should decode as and thus can tell when it has the right password (assuming you have no collisions, which is exceedingly unlikely). The two approaches then being dictionary (list of known terms, and in the case of things like warez a list of known passwords) and brute force (you try every combo of characters you wish to include until you get the right one, maybe limiting the character choice to speed things up, typically though). If you are playing spy against mere mortals then you can steal their computer and the phrase may pop up somewhere on the drive, or you can try notable lines from their favourite book and things like that but we are getting off topic here, though I will note this is where things will typically diverge from free stuff you can download into big boy toys you get to either make or pay for.

Brute force is basically pointless unless you know it is either short (don't know what character counts are viable off the top of my head but less than 10 for standard a-z,A-Z,0-9 and basic things you can get with shift on a keyboard, and more likely 7 or 8) or have some idea of what it is and just need to have something try the obvious instead of 1 then ! and instead of E then 4 and instead of 0 then O type things plus all the various few digit numbers at the end.

Dictionary is going to depend upon the quality of your dictionary, all of which are largely separate to RAR password guessing and instead will be from conventional dictionaries, password leaks, include some of the obvious substitutions, word combinations and the like, and may or may not prioritise different things.
This then means finding something to read the dictionary, which you can probably do with grep and a terminal if you really wanted and still be about as fast as any program you care to use -- open small file, try password, hash small file test, compare to proper hash, repeat for next line in dictionary... is not a particularly exotic thing, might get some benefit if you can find a GPU unrar file and stick the files in question in RAM (even if you make a RAM drive) rather than read from/extract to hard drive (another reason small files are good, assuming you don't have the ridiculous server amounts of RAM).
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • SylverReZ @ SylverReZ:
    Exactly.
  • linuxares @ linuxares:
    Thor from "Pirate Software" said its just better to pirate the game than buy from a keyshop if you care about the devs
    +2
  • The Real Jdbye @ The Real Jdbye:
    devs don't get hit with the chargebacks, the keys are free to generate
  • The Real Jdbye @ The Real Jdbye:
    at least on steam
  • linuxares @ linuxares:
    Except he said the DEVS get hits with the chargeback cost
    +1
  • linuxares @ linuxares:
    since the key gets bought with a stolen credit card
  • The Real Jdbye @ The Real Jdbye:
    there's nothing to charge back because the keys don't cost them money to generate in the first place
  • K3Nv2 @ K3Nv2:
    If the game has a crack sure
  • K3Nv2 @ K3Nv2:
    Most these crack sites have dead links anymore or the crack don't even work
  • linuxares @ linuxares:
    @The Real Jdbye What don't you get? If someone use a stolen creditcard. Then sell said key on G2A. If I the dev sold the game key, I will get the charge back cost. That's how it works, it doesn't matter if I generate 300 keys if 300 of them are bought with stolen credit cards. I never said it was on Steam, but its the dev that gets hit. There is a ton of stories out there if you google it.
    +1
  • K3Nv2 @ K3Nv2:
    Just buy other people's steam account :teach:
  • linuxares @ linuxares:
    Just tell them you're dead ;D
    +1
  • K3Nv2 @ K3Nv2:
    They already know
  • linuxares @ linuxares:
    I honestly wonder how the EU would say if I willed my account to you. And Valve be like "nope!"
    +1
  • cearp @ cearp:
    @K3Nv2 - sounds like you need a better place to find cracks!
  • K3Nv2 @ K3Nv2:
    Psionics offline right now or I would
  • SylverReZ @ SylverReZ:
    @cearp, Psi is offline at the minute, but he knows where to find them.
  • cearp @ cearp:
    get your mind out of the gutter, I'm talking about piracy
  • cearp @ cearp:
    not that type of crack
    +1
  • K3Nv2 @ K3Nv2:
    I mean the drug not the booty pervs
    +2
  • linuxares @ linuxares:
    @cearp At a plumber convenstion. Loads of cracks!
    +2
  • K3Nv2 @ K3Nv2:
    A plumber is either on crack or in crack or showcasing crack
    +2
  • cearp @ cearp:
    or of course, dealing with cracks (in pipes)
  • K3Nv2 @ K3Nv2:
    Sure he could be on cracked flooring causing the leak
    K3Nv2 @ K3Nv2: Sure he could be on cracked flooring causing the leak