Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   question about winrar passwords (https://forum.exetools.com/showthread.php?t=7308)

abccc 04-07-2005 22:18
question about winrar passwords
 
hi , I have learned alot in this forum and I still learnning >> so thank you evryone .... and please execuse my bad english

I forgot a password in a protected rar file... I know there are some software to recover that but they take long time and my question >>>

is it possible to find out a password for a rar or zip document using ollydbg

if yes are there any tutorials in the net about that .. thanks

Hero 04-08-2005 00:36
Hi
This is one of the question that is asked too much.But I should say that attacking
to a rar or any other compressing ways theoricaly has no way except Bruteforce or
dictionary attack(If it developed well such as rar and zip).
Because algorithm is too simple,You add a signature in for example start of file and then
encrypt all the file.When you want to decrypt it,after decoding some blocks of file if the
signature was wrong that means you enter the password wrong and in this way there
is no need for saving password in file and attacking to it is similar to attacking an encryption
algorithm(It is a way that can be used,I didn't know rar or zip algorithms but they should
be similar).

sincerely yours

fsheron 04-08-2005 08:27
If the password is given by you. Create a possible dictionary and use bruteforce to crack will be helpful.

abccc 04-08-2005 21:45
Hero, fsheron thank you very much for quick response..

FKMA 04-17-2005 02:43
But if your rar version is >= 3.0 , you may get very-very long time to bruteforce because of use a new algorithm in v3.0+

Hero 04-17-2005 11:51
Because Winrar in that version uses powerfull AES algorithm for its password.
But there is no other way except bruteforce or dictionary attacks.

sincerely yours

visu 04-17-2005 20:55
Just to complement this answer, this is also same for WinZip.

Hero 04-17-2005 23:46
Hi visu
That's right that I heard that WinZip uses AES too,But I don't know why its
best bruteforce password finder can work with too high speed for it.
It can test almost 2 million passwords per second!
Any idea why these two is that deferent?(winrar check almost 700 pps)

sincerely yours

amitophia 04-19-2005 05:55
2Hero:
The main performance fall not in AES encrypting itself but in generating encryption key. The last one takes long time when using WinRAR.
You can speed up WinRAR breaking by brute-forcing decryption key, not password. But it'll make no sense due to a very big number of possible keys

Hero 04-19-2005 12:15
hi amitophia
I'm not a professional in encryption algorithms,but I know that AES is an symmetric
algothirm,that means the encryption and decryption keys are the same.
What do you mean by:
Quote:
You can speed up WinRAR breaking by brute-forcing decryption key, not password.
You mean that password is deferent by the AES encryption/decryption keys?
(I always think that they should get the AES 128bits key by making a simple
padding from your password.)

sincerely yours

amitophia 04-20-2005 04:42
2Hero:
You mean that password is deferent by the AES encryption/decryption keys?
No-no. When I said "ecnryption/decryption key" I just meant different roles of the key in apporpriate processes. Sorry for misleading you

by making a simple padding from your password
Actually this "padding" is calcualtion of hash from the password. And it shouldn't be simple to be invulnerable to brute-force attacks. The faster (simpler) hash is calculated, the faster brute-force can be done.

swlepus 04-27-2005 17:02
it is impossible to recovery files from a winrar v3 password protected file. unless you have a very powerful machine.


All times are GMT +8. The time now is 09:17.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX