Here I will be looking at cracking password-protected archive files with rarcrack, which is included in the back|track 4 distro.
First, let's navigate to rarcrack in back|track, view the help file, and see which files are located in the rarcrack directory.
cd /pentest/passwords/rarcrack
./rarcrack --help
ls
There are 3 test files included in the rarcrack directory, but let's try rarcrack on some files I created, which are on a USB drive: /media/4G/
Starting an attack:
This one on a zip file created with WinRAR:
./rarcrack --type zip --threads 8 /media/4G/TEST6-winrar.zip
This one on a zip file created in 7-Zip with ZipCrypto encryption:
./rarcrack --type zip --threads 8 /media/4G/TEST-ZipCrypto.zip
This one on a 7z archive with AES256 encryption:
./rarcrack --type 7z --threads 8 /media/4G/TEST1-AES256.7z
So slow!
When a crack attempt is started, an XML status file is created in the directory where the archive file is located.
So we can stop the crack and edit the values in the XML file to help speed up the cracking process.
The XML file can be edited to change the character list being used for the crack. In this case, as I know the password is a numerical value, we can edit the XML file so that rarcrack only checks numbers:
nano /media/4G/TEST1-AES256.7z.xml
Changing the character set to numerical only:
Now we restart the attack on the 7z file; the attack will resume, but will now only check numerical values:
./rarcrack --type 7z --threads 8 /media/4G/TEST1-AES256.7z
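The edit described above, scripted as an added example that is not from the original post. It assumes the status file keeps its character list in a single-line `<abc>` element and its resume position in `<current>`; the sample file and the function names are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Assumes the status file keeps
# the character list in <abc>...</abc> and the resume position in <current>.

# make_sample FILE: write a constructed status file to work on.
make_sample() {
    cat > "$1" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<rarcrack>
  <abc>0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ</abc>
  <current>uU</current>
  <good_password/>
</rarcrack>
EOF
}

# xml_get FILE TAG: print the text of a single-line <TAG> element.
xml_get() {
    sed -n "s:.*<$2>\(.*\)</$2>.*:\1:p" "$1"
}

# set_charset FILE CHARSET: back up FILE, then replace the <abc> contents.
# Only alphanumerics are accepted, so the value is safe in sed and in XML.
set_charset() {
    [ -f "$1" ] || { echo "no status file: $1" >&2; return 1; }
    case $2 in
        ''|*[!0-9A-Za-z]*) echo "charset must be alphanumeric" >&2; return 1 ;;
    esac
    cp -p "$1" "$1.bak" || return 1
    sed "s:<abc>.*</abc>:<abc>$2</abc>:" "$1.bak" > "$1"
}

# current_fits FILE: succeed only if every character of <current> is in <abc>.
current_fits() {
    abc=$(xml_get "$1" abc)
    [ -n "$abc" ] || return 1
    case $(xml_get "$1" current) in
        *[!$abc]*) return 1 ;;
    esac
    return 0
}

# Demo on the constructed file; the post's file is /media/4G/TEST1-AES256.7z.xml.
demo=$(mktemp -d)/TEST.7z.xml
make_sample "$demo"
set_charset "$demo" 0123456789
echo "abc is now: $(xml_get "$demo" abc)"
current_fits "$demo" || echo "note: <current> has characters outside the new list"
```

The original file is kept as `.bak` beside the status file, so a bad edit can be undone by copying it back.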
A video of the above using rarcrack can be found here:
http://blip.tv/file/2816224
or
http://www.youtube.com/watch?v=BMFn-jps3iY
Although I am trying to stick to the back|track tools in my posts, I have to divert somewhat here and mention a Windows tool by Elcomsoft; "Advanced Archive Password Recovery" (ARCHPR).
It is a great tool and Elcomsoft have password recovery tools for a fantastic number of filetypes.
It has an easy interface with various cracking options such as Bruteforce and Dictionary attacks, and is also able to include characters which you think may be correct and mask those you want testing, as in; pass????.
The speed reached is much better in most cases than what rarcrack achieves and also is more flexible on which files can be chosen, although it does not support 7zip created archives.
With rarcrack I was having trouble with it catching the passwords on zip files with AES encryption; ARCHPR has no trouble with these.
ARCHPR in action with bruteforce options:
Dictionary attack:
HOW I CANT DOWNLOAD RARCRACK PLSS HELP MEEPLSS
Well, you don't download it, it is installed along with backtrack4.
It can be found in the directory;
/pentest/passwords/rarcrack/
Otherwise a quick google search;
http://tinyurl.com/2ws5jpl
Work on your google-fu ..
do you need to burn the whole rarcrack into a cd?
Well no,
Backtrack has been discontinued and is now replaced with Kali; in Kali, rarcrack is no longer available directly from the repos.
For rar files I would now suggest trying the program 'cRARk' which can be run on linux or windows and has GPU support.
help me guys ! this file in format c - (rarcrack.c and rarcrack.h) what can i do ?
hi there, can you please help me out by knowing, after it (rarcrack) says the password is cracked, where can i find that password??
I don't understand your question..
If the correct password is found then you get a result ;
GOOD: Password cracked: 'password_here'
So what else would you need ?
hey, I keep getting "segmentation fault: 11"
any idea what the problem is and how to fix it?
The only thing that my google-fu turned up was ;
http://sourceforge.net/projects/rarcrack/develop
If you're getting segmentation faults, try adding all the options.
include "--type [TYPE]" and "--threads [NUM]"
When I do "./rarcrack file.ext" it gives segmentation faults, but when all options are included it works just fine.
Also, if you look on SourceForge, in the "files" section the latest is rarcrack-0.2, but there is rarcrack-0.3 in the SourceForge git repos.
hey there I just installed rarcrack without problems, I've also downloaded all the libraries and that stuff and I'm just doing what's being shown on the video; the thing is that it appears
INFO: the specified archive type: rar
INFO: cracking /home/luis/Descargas/UPDATES-APRIL25TH2012.rar, status file: /home/luis/Descargas/UPDATES-APRIL25TH2012.rar.xml
GOOD: password cracked: '5'
GOOD: password cracked: '1'
GOOD: password cracked: '6'
GOOD: password cracked: '7'
GOOD: password cracked: '4'
GOOD: password cracked: '3'
GOOD: password cracked: '0'
GOOD: password cracked: '2'
It's a long password and it has both numbers and letters so this just doesn't make any sense, any suggestions?
Uninstall unrar(nonfree) and replace by unrar(free)
Hi,
I'm using kali and this doesn't have rar crack too. Would you please guide me what to do?
Hi guys,
When I wanted to install the rarcrack in kali I received the following message, could you please help me.
tar -xjf rarcrac-0.2.tar.bz2
tar (child): rarcrac-0.2.tar.bz2: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
When I convert that to gz I also received this:
tar -xjf rarcrac-0.2 gz
tar (child): rarcrac-0.2: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
Thanks
Hi brother first Gratz with this tuto and your blog too. where can i get this world list for try to crack a password rar Thanks
I use PasswordWrench. I switch my important passwords every 30-60 days, and make them long, but I can none remember them and ended up using variations of the same password over and over, which is not safe. This way they help me originate my own personal system for managing my passwords.