Zimmer

Well I was trying to create my own brute forcer in python does it work for anyone? import sys rarfiles =raw_input("What RAR files do you want to run? ") x = "abcdefghijklmnopqrstuvwxyzzABCDEFGHIJKLMNOPQRSTUVWXYZZ1234567890" #64 b = -1 c = -1 r = -1 z = -1 v = -1 q = -1 w = -1 e = -1 t = -1 y = -1 def crack10(): sys(r'"C:\Program Files\WinRAR\Rar.exe" x -p[',x[q]+x[w]+x[e]+x[t]+x[y]+x[v]+x[z]+x[r]+x[c]+x[b],r']' ,rarfiles) while v<63: b=b+1 if b==64: c = c + 1 b = 0 if c==64: r = r + 1 c = 0 b = 0 if r==64: z=z+1 r = 0 c = 0 b = 0 if z==64: v=v+1 z = 0 r = 0 c = 0 b = 0 if v==64: y=y+1 v = 0 z = 0 r = 0 c = 0 b = 0 if y==64: t=t+1 y = 0 v = 0 z = 0 r = 0 c = 0 b = 0 #tewq if t==64: e=e+1 t = 0 y = 0 v = 0 z = 0 r = 0 c = 0 b = 0 if e==64: w=w+1 e = 0 t = 0 y = 0 v = 0 z = 0 r = 0 c = 0 b = 0 if w==64: q=q+1 w = 0 e = 0 t = 0 y = 0 v = 0 z = 0 r = 0 c = 0 b = 0 crack10()

OK I'll test ten letter combination's. :) Might take awhile :)

Well you have to buy the whole software. :( :(

X3N What program are you using?

Advanced Rar Password recovery does the trail work fine or do I have to buy the full version?

Well that cinda ruins my lowercase brute force attack. :(

Where to start HA. Of course start at the almighty google www.google.com. ;)

Are we allowed to use another program as a back end for conversion or the pictures?

I created a program the reason was for another thread http://hak5.org/forums/index.php?showtopic=10617. Right know it only goes to three letters and prints them but it isn't hard to modify them. What do you guys and gals think of it. :) Well on to the code. #Application: Python --> http://www.python.org/ #Author: Zimmer #Cool Program but don't use it for illegal reasons. # # import sys x = "abcdefghijklmnopqrstuvwxyzz" b = -1 c = 0 r = 0 def CRACK(): print x[b] def CRACK2(): print x[c]+x[b] def CRACK3(): print x[r]+x[c]+x[b] while b<25: b = b+1 CRACK() b=-1 while c<26: b = b+1 if b==26: c=c+1 b=0 CRACK2() b=-1 while r<26: b = b+1 if b==26: c=c+1 b=0 if c==26: r=r+1 c=0 b=0 CRACK3() #x = input("Pause") #if 1==1: # sys.quit

Creating a python file that brute forces a rar. Python code so far generates up to 3 letters it also just prints the letters but shouldn't be to hard to use the sys command and use it through rar command line. import sys x = "abcdefghijklmnopqrstuvwxyzz" #TO use CAPS as well just change all the 26 to 52 b = -1 c = 0 r = 0 def CRACK(): print x[b] def CRACK2(): print x[c]+x[b] def CRACK3(): print x[r]+x[c]+x[b] def CSET(): if b==26: c=c+1 while b<25: b = b+1 CRACK() b=-1 while c<26: b = b+1 if b==26: c=c+1 b=0 CRACK2() b=-1 while r<26: b = b+1 if b==26: c=c+1 b=0 if c==26: r=r+1 c=0 b=0 CRACK3() #x = input("Pause") #if 1==1: # sys.quit

Ok a tried a trial of some software to test the password it is not under three characters or less

With there being a command line version of WinRAR would it be possible to make a batch script brute forcer.

What bothers me is the name of the RAR. Worlds Strongest Dog. Does that have anything to do with it... hmmm

Digip ignore it I was trying to upload the source code.

7-Zip Code all files related to RAR Uploaded FAILED NOT PERMITTED

Good idea ;). By the way do you know how to get a memory dump? Where can I download the source code for UnRAR? 7-Zip?

At some point doesn't winRAR have to compare you password and the actual password in memory. So wouldn't the true password be stored in memory?

Wait is the file encrypted. If not would it be theoretically possible to have a program that extracts it ignoring the password? For some reason I doubt it but just maybe...

Ok I add new text.txt to a rar and when opening it up the RAR had a string of new text.txt. From that I believe that the you_win string is the file that has been compressed Ok The RARs Password is defintely not stored in the hex code. Becuase I password protected file with a password and it was not in the in the file. (You guys probably new that.)

For Passwords I've tried you_win the hex of it, Rar, Rar!? (From the other file.). What have you guys tried? Time to head to google.com :) Just google the text of the other file not the you_win and "526172211A" look "http://corrupteddatarecovery.com/Repair/RAR-Archive-File-Repair-RAR-Data-Conversion.asp" Maybe its corrupt to. Instead of using WinRAR to fix it just put this into the front of it Rar! So damaged one in hex 07 00 cf 90 73 00 00 0d 00 00 00 00 00 00 00 6c 00 7a 00 80 23 00 18 00 00 00 0d 00 00 00 02 e9 b5 8d e1 00 00 00 00 1d 33 03 00 00 00 00 00 43 4d 54 08 15 47 ed 0f 15 31 46 31 ea 70 25 1f df e6 ff da 2a f3 93 29 34 7f 40 c6 3f 74 24 94 34 00 80 00 00 00 11 01 00 00 02 1c fa e3 d7 fa 73 67 39 1d 35 07 00 20 00 00 00 79 6f 75 5f 77 69 6e bc 7b 73 f0 8a 9d 17 71 00 b0 b5 97 0e 2e 49 02 65 5a b9 5d 39 76 b7 ba 15 65 23 b8 76 ba d8 12 45 f3 24 fd 69 8e 58 8b 70 7c cc 73 b1 0b 7d fe dc 31 56 8a d5 1e 81 09 89 f9 1f 42 3e ec 12 fe 5b d2 92 5e 49 15 9b 1c b8 f7 9a 53 ba a7 03 f7 75 cb 4e 94 d2 95 fc c2 d9 c6 4f 23 f5 72 95 55 cb 1a a0 41 64 da 50 bd ae f5 aa 95 dc 0a 88 97 21 25 5a 18 37 e6 76 2f 98 6a c9 1e 9b 62 ed b9 50 f9 72 df 0f 16 da 60 51 bc d5 78 c1 c4 3d 7b 00 40 07 00 Fixed 52 61 72 21 1a 07 00 cf 90 73 00 00 0d 00 00 00 00 00 00 00 6c 00 7a 00 80 23 00 18 00 00 00 0d 00 00 00 02 e9 b5 8d e1 00 00 00 00 1d 33 03 00 00 00 00 00 43 4d 54 08 15 47 ed 0f 15 31 46 31 ea 70 25 1f df e6 ff da 2a f3 93 29 34 7f 40 c6 3f 74 24 94 34 00 80 00 00 00 11 01 00 00 02 1c fa e3 d7 fa 73 67 39 1d 35 07 00 20 00 00 00 79 6f 75 5f 77 69 6e bc 7b 73 f0 8a 9d 17 71 00 b0 b5 97 0e 2e 49 02 65 5a b9 5d 39 76 b7 ba 15 65 23 b8 76 ba d8 12 45 f3 24 fd 69 8e 58 8b 70 7c cc 73 b1 0b 7d fe dc 31 56 8a d5 1e 81 09 89 f9 1f 42 3e ec 12 fe 5b d2 92 5e 49 15 9b 1c b8 f7 9a 53 ba a7 03 f7 75 cb 4e 94 d2 95 fc c2 d9 c6 4f 23 f5 72 95 55 cb 1a a0 41 64 da 50 bd ae f5 aa 95 dc 0a 88 97 21 25 5a 18 37 e6 76 2f 98 6a c9 1e 9b 62 ed b9 50 f9 72 df 0f 16 da 60 51 bc d5 78 c1 c4 3d 7b 00 40 07 00

Ok this is what I've got so far. The two files you extract for the orignal download. One contains you_win in it. That file you need to repair as a RAR file. It will then go throught it. Then once it is repaired try to extract it. WinRAR will ask you for a password. :)

I download the file and extract it with both WinRAR and 7-Zip neither ask for a password. I then get two files and one has hex that in ASCII is Rar!?. I tried extracting those two files but they aren't RAR files. So what files is the password protect one?

What send a million blank pages to the printer :) ;). <evilvoice> Then the printer will be min </evilvoice>

For easy --> Ubuntu For learning --> CentOS

Could try chinaloading floppy and usb.