digip Posted November 10, 2008 Share Posted November 10, 2008 Also try this as a password 00998 How did you come up with that number? A brute force program? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 10, 2008 Share Posted November 10, 2008 Im using unrar and rar in linux, all command lines.. but like you said its probably something totally different.. Quote Link to comment Share on other sites More sharing options...
Zimmer Posted November 10, 2008 Share Posted November 10, 2008 Well I was trying to create my own brute forcer in python does it work for anyone? import sys rarfiles =raw_input("What RAR files do you want to run? ") x = "abcdefghijklmnopqrstuvwxyzzABCDEFGHIJKLMNOPQRSTUVWXYZZ1234567890"  #64 b = -1 c = -1 r = -1 z = -1 v = -1 q = -1 w = -1 e = -1 t = -1 y = -1 def crack10():         sys(r'"C:\Program Files\WinRAR\Rar.exe" x -p[',x[q]+x[w]+x[e]+x[t]+x[y]+x[v]+x[z]+x[r]+x[c]+x[b],r']' ,rarfiles) while v<63:         b=b+1         if b==64:                 c = c + 1                 b = 0         if c==64:                 r = r + 1                 c = 0                 b = 0         if r==64:                 z=z+1                 r = 0                 c = 0                 b = 0         if z==64:                 v=v+1                 z = 0                 r = 0                 c = 0                 b = 0         if v==64:                 y=y+1                 v = 0                 z = 0                 r = 0                 c = 0                 b = 0         if y==64:                 t=t+1                 y = 0                 v = 0                 z = 0                 r = 0                 c = 0                 b = 0 #tewq         if t==64:                 e=e+1                 t = 0                 y = 0                 v = 0                 z = 0                 r = 0                 c = 0                 b = 0         if e==64:                 w=w+1                 e = 0                 t = 0                 y = 0                 v = 0                 z = 0                 r = 0                 c = 0                 b = 0         if w==64:                 q=q+1                 w = 0                 e = 0                 t = 0                 y = 0                 v = 0                 z = 0                 r = 0                 c = 0                 b = 0         crack10() Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 10, 2008 Share Posted November 10, 2008 Well I was trying to create my own brute forcer in python does it work for anyone? My out put What RAR files do you want to run? b.rar Traceback (most recent call last): Â Â File "brute.py", line 82, in <module> Â Â Â Â crack10() Â Â File "brute.py", line 15, in crack10 Â Â Â Â sys(r'"C:\Program Files\WinRAR\Rar.exe" x -p[',x[q]+x[w]+x[e]+x[t]+x[y]+x[v]+x[z]+x[r]+x[c]+x[b],r']' ,rarfiles) TypeError: 'module' object is not callable Sorry didnt notice it was for windows Quote Link to comment Share on other sites More sharing options...
Zimmer Posted November 10, 2008 Share Posted November 10, 2008 The code works if I just print it to the screen. Hmmmm.... Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 10, 2008 Share Posted November 10, 2008 RAR/WinRAR archiver version 2.x used its proprietary, but rather strong encryption algorithm. At least no RAR 2.0 attacks were known except brute force. Starting from version 3.0, RAR has been using a strong AES algorithm, which doesn't allow any attacks more effective than the brute force. Besides, the encryption is implemented so that brute force speed on modern computer is very low, about 100 passwords per second. This carries inference that RAR 3.x system is the strongest between popular encryption systems in the context of brute force. This means you couldn't recover RAR password longer than 6-7 symbols if you have no information about the password. http://www.password-crackers.com/en/articles/12/#3.1 Quote Link to comment Share on other sites More sharing options...
X3N Posted November 10, 2008 Share Posted November 10, 2008 i wanna bump my original question "did the dude who started this topic make these or are they coming from another place?" and if he did get them from somewhere else... than did he actually figure these out himself? If he did in fact make these as an exercise in cryptography or stenography... then there has to be clues in the file that point to how its been put together. I seriously doubt any amount of brute forcing is going to unlock anything. Its all about clues and I'm sure its hidden in the file structure and or contents. Now again these statements are made assuming he is the one who designed these. There are different methods of hiding or obscuring data so its hard to decipher. A few are binding different file formats together and striping thier header information.... which was the case in the previous files he posted, as far as the passwords goes... they are probably hidden somewhere in each piece. Like a sequential logic puzzle. It would be nice if he could just answer one question of mine which is will any of the decryption require brute forcing? because if so then I'm not really interested in this. Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 11, 2008 Author Share Posted November 11, 2008 i wanna bump my original question "did the dude who started this topic make these or are they coming from another place?" and if he did get them from somewhere else... than did he actually figure these out himself? If he did in fact make these as an exercise in cryptography or stenography... then there has to be clues in the file that point to how its been put together. I seriously doubt any amount of brute forcing is going to unlock anything. Its all about clues and I'm sure its hidden in the file structure and or contents. Now again these statements are made assuming he is the one who designed these. There are different methods of hiding or obscuring data so its hard to decipher. A few are binding different file formats together and striping thier header information.... which was the case in the previous files he posted, as far as the passwords goes... they are probably hidden somewhere in each piece. Like a sequential logic puzzle. It would be nice if he could just answer one question of mine which is will any of the decryption require brute forcing? because if so then I'm not really interested in this. Yes I did create these, Once you get passed the password It gets interesting. Maybe the file name has something to do with the password? dGVlbnMNCmVuam95DQpudW1iZXJzDQoNCnVzdWFsbHkNCm5vdGhpbmcNCmRpZ3MNCmVycmF0aWNh bGx5DQpydWRlDQoNCnNvbWUNCmNhcnZlDQpvdXQNCnJvdW5kZWQNCmVnZ3MNCg== Ooh what's that? Quote Link to comment Share on other sites More sharing options...
Zimmer Posted November 11, 2008 Share Posted November 11, 2008 Anybody made progress? What was the first RAR's Password? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 11, 2008 Share Posted November 11, 2008 some help with that string please :D Quote Link to comment Share on other sites More sharing options...
Giezr Posted November 11, 2008 Share Posted November 11, 2008 Long time reader, first time poster. Hey :) dGVlbnMNCmVuam95DQpudW1iZXJzDQoNCnVzdWFsbHkNCm5vdGhpbmcNCmRpZ3MNCmVycmF0aWNh bGx5DQpydWRlDQoNCnNvbWUNCmNhcnZlDQpvdXQNCnJvdW5kZWQNCmVnZ3MNCg== Is Base64, according to MaxieZ's web Base64 decoder (link) it says: teens enjoy numbers usually nothing digs erratically rude some carve out rounded eggs Which doesn't mean anything to me. But if you read the first letter of each line you get: ten under score And that's as far as I've got. Still can't open the RAR file. Using mainly WinRAR and Advanced Archive Recovery. Good Luck, Giezr Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 11, 2008 Author Share Posted November 11, 2008 Gratz on working that out. Quote Link to comment Share on other sites More sharing options...
Giezr Posted November 11, 2008 Share Posted November 11, 2008 Gratz on working that out. Thanks! Something I'm not clear on, is the original file words-strongest-dog.dent still required for anything? Just wonderin, Giezr Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 11, 2008 Author Share Posted November 11, 2008 Nope not at all. That was just something I quickly made and figured I'd post it.. So I have no way of knowing what the password is on the original file. But the current one is well constructed, Although there's one section after the password (When you receive 3 RAR files) Which I stuffed up and you can just bypass it by extracting... But after that It gets quite interesting.. Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 11, 2008 Share Posted November 11, 2008 Has anyone been able to open the first rar, pirate one? Quote Link to comment Share on other sites More sharing options...
X3N Posted November 11, 2008 Share Posted November 11, 2008 Has anyone been able to open the first rar, pirate one? nope... i really have no idea where to start with this one... barring brute forcing im not sure where to go from here... i been looking for clues in the file structure but i cant find anything.... Quote Link to comment Share on other sites More sharing options...
X3N Posted November 11, 2008 Share Posted November 11, 2008 was that base64 thing just a clue Plunk? or was that contained inside the file somewhere? Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 11, 2008 Author Share Posted November 11, 2008 That's a clue, And to anyone who might have contacted me, No I will not provide the password. Quote Link to comment Share on other sites More sharing options...
Giezr Posted November 11, 2008 Share Posted November 11, 2008 Just a note, I tried a crappy "pirate words" wordslist that didn't work. And I've tried every variation of "ten under score" I can think of as the password with no success. Elcomsoft's software is pretty spot on. Sadly they don't support using the GPU to crack RAR files, yet. Giezr Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 11, 2008 Share Posted November 11, 2008 That was me that tired to contact him fyi. I did the same as Giezr. I guess its just to late to keep on trying. Maybe some sleep will do me well.. What i think ill do in the morning is make a blank rar, or put some text file in it and compare the containers. After that ill post all the information inside the container, the encrypted data, which are more rar files... I might add a rar file to another and see how that looks, but im pretty sure that the AES has mutated it in some way... oh well Quote Link to comment Share on other sites More sharing options...
DrCheeseit Posted November 11, 2008 Share Posted November 11, 2008 im brute forcing it its been going on all night im running it starting from 2 chars till whenever i feel like makin it stop im using upper and lower case and special chars as well as numbers and its been running for hours and hours and i still have yet to find it >.< Quote Link to comment Share on other sites More sharing options...
X3N Posted November 11, 2008 Share Posted November 11, 2008 That was me that tired to contact him fyi. I did the same as Giezr. I guess its just to late to keep on trying. Maybe some sleep will do me well.. What i think ill do in the morning is make a blank rar, or put some text file in it and compare the containers. After that ill post all the information inside the container, the encrypted data, which are more rar files... I might add a rar file to another and see how that looks, but im pretty sure that the AES has mutated it in some way... oh well i actually already tried that... this is what the hex dump looks of a blank text document inside a rar looks like Rar!.....s..........Jbt .)..............4gj9.0.. ...blank.txt.={.@.. this part 'Rar!.....s' is the rar header. I didnt encrypt or password this file. Thats actually how i fixed the strongest dog rar file... here is the same file only using zip instead of rar PK........4gj9................blank.txtPK..........4gj9................ ...... .......blank.txtPK..........7...'..... Quote Link to comment Share on other sites More sharing options...
Giezr Posted November 11, 2008 Share Posted November 11, 2008 Just something interesting I stumbled upon in WinRAR and this might already be obvious, if so excuse the post. When making a RAR with WinRAR you have to click "Encrypt file names" when setting the password or the file names are visible when viewing the file in a hex editor. Example: Password protected but "Encrypt file names" not checked: Rar!.....s...........9t$.5. ..........1]..k9.3.. ...test.txt...i..*.....I....ep.p.{./....Y..#.TQ.G}.u.K...={.@.. Same file, same password, with "Encrypt file names" checked: Rar!.....s.........."....J......7&c~..}....5i0.|.y.....B.j.....1M.....h..5..h. i9s...n;.9.Js..2.=.....S.x..."....J..n*......m3UZ....'.K.b.I2....-9.I.j&.a3.....B+. .8.d...):8..A..+...8C2>.......e&..U...2... q<...."....J..E..#...A.....\.s Read below for bullshit theories! In the first files PLuNK distributed we had to play with the header to get the file to work. I'm not really sure it's the header but that's what I'm gonna call it. Well I've made a ton of RARs now and they all start with: Rar!.....s Now the "clue" we have been provided is "ten under score". That Rar!.....s is the first 10 characters of any RAR file. Probably coincidence, and I'm probably headed down the wrong street here. </bs> Thanks, Giezr Quote Link to comment Share on other sites More sharing options...
DrCheeseit Posted November 11, 2008 Share Posted November 11, 2008 omg... i dont think were gonna get into it im running 3 brute forcers at once 1 with uppercase letters one wit lower case and one wit numbers im pretty sure that the password isnt pure numbers considering ive gone thru 185,000 diff possobilities in the last like 7 mins and im still working on the letters but im not completely sure that the brute forcers are actually trying to get into it i put Z:\home\luis\Desktop\arr_pirate.rar as the resource for it but idk if its actually trying to open it or am i working it wrong? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 11, 2008 Share Posted November 11, 2008 omg... i dont think were gonna get into it im running 3 brute forcers at once 1 with uppercase letters one wit lower case and one wit numbers im pretty sure that the password isnt pure numbers considering ive gone thru 185,000 diff possobilities in the last like 7 mins and im still working on the letters but im not completely sure that the brute forcers are actually trying to get into it i put Z:\home\luis\Desktop\arr_pirate.rar as the resource for it but idk if its actually trying to open it or am i working it wrong? What program are you using to brute it? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.