Zimmer Posted November 11, 2008 Share Posted November 11, 2008 Are there any free bruteforcers for RARs. Full Version not trial ware. Quote Link to comment Share on other sites More sharing options...
DrCheeseit Posted November 12, 2008 Share Posted November 12, 2008 im using netbrute -.- if im using netbrute right then its not a number becouse ive gone thru 220million passes its a pretty fast brute forcer it goes thru like 300 per a second Quote Link to comment Share on other sites More sharing options...
Giezr Posted November 12, 2008 Share Posted November 12, 2008 im using netbrute -.- if im using netbrute right then its not a number becouse ive gone thru 220million passes its a pretty fast brute forcer it goes thru like 300 per a second Wow no shit!? Thats incredibly fast for a RAR cracker. My Advanced Archive Recovery which I uh, paid for, is doing good to get 40 a second. I will have to check that out. Giezr Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 12, 2008 Author Share Posted November 12, 2008 Maybe the Base64 string I provided before was a hint to the password? And there's no numbers by the way ;) Quote Link to comment Share on other sites More sharing options...
Giezr Posted November 12, 2008 Share Posted November 12, 2008 I'm not one to grovel for hints, but here it goes. Do we need to work more on the meaning of your hint? Do we have all the info we need to get the pass? I'm guessing we are missing something, because the only pass related info so far was the hint. Is there anything more we can extract from the file or do we just need to look somewhere else. <rambling> I've been looking for all sorts of "ten under score" info and haven't got much. Does anyone know if it applies to computing in any sorta way? Also I was thinking maybe it was a sports term. I've tried golf, cricket, football (and soccer :) ), I'm leaning against a sports term. </rambling> Thanks, Giezr Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 12, 2008 Author Share Posted November 12, 2008 You've got all the info you need, The password is very simple & I wasn't expecting It to be the main focus. Some of the file names may be hints also.. Quote Link to comment Share on other sites More sharing options...
depill Posted November 12, 2008 Share Posted November 12, 2008 We have all the info we need. we have 3 filenames arr_pirate.rar blank.txt test.txt ten under score 10_ ten_ 10underscore apart from meaning Guybrush: "arr! ahoy there Wally" arr could also mean array. Time to watch some BSG drink lots of caffeine and get cracking. This will be solved today <_< Quote Link to comment Share on other sites More sharing options...
twocs Posted November 12, 2008 Share Posted November 12, 2008 Are there any free bruteforcers for RARs. Full Version not trial ware. CLI version: http://aapr.sourceforge.net/ The file ext. used are just random, The file password is VERY simple, Only lowercase & no symbols etc. According to bruteforce cracking software, simple means more than four characters in length... Maybe it's on the crack-goodness Hak5 password list? http://wiki.hak5.org/wiki/Password_lists And I'm not so sure on this ten under score is a good round of golf or what. http://search.yahoo.com/search?p="ten+under+score" Quote Link to comment Share on other sites More sharing options...
PLuNK Posted November 12, 2008 Author Share Posted November 12, 2008 Who said ten underscore was a phrase? Quote Link to comment Share on other sites More sharing options...
Deathdefyer2002 Posted November 12, 2008 Share Posted November 12, 2008 In my attempt to find Netbrute, I came across this website http://www.rawlogic.com/products.html Doesn't look like it supports RAR cracking though I could be wrong. Can someone tell me where they found the netbrute that did a couple hundred passwords a second on RAR? Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 12, 2008 Share Posted November 12, 2008 We have all the info we need. we have 3 filenames arr_pirate.rar blank.txt test.txt Whee do you see these txt files? Quote Link to comment Share on other sites More sharing options...
Zimmer Posted November 12, 2008 Share Posted November 12, 2008 Also the hint was "ten under score" score refering to 20. Could be Quote Link to comment Share on other sites More sharing options...
depill Posted November 12, 2008 Share Posted November 12, 2008 Whee do you see these txt files? sorry my bad, those blank.txt and test.txt were example files. Quote Link to comment Share on other sites More sharing options...
Deveant Posted November 12, 2008 Share Posted November 12, 2008 Just ran all anagrams for the 'ten under score' results: nothing. Link to anagram list: http://wordsmith.org/anagram/anagram.cgi?a...score&t=all Quote Link to comment Share on other sites More sharing options...
DrCheeseit Posted November 13, 2008 Share Posted November 13, 2008 i found netbrute but i have no idea where i got it from lol but ima be gone for a lil bit becouse im switching back to windows but yah while at school i tried to work it out and what i came up with was this score= 20 years sooo... possible answer -10years, minus10years, 10 years, tenyears, minustenyears, -tenyears lol and whatever else so go ahead and try those i havnt tried em myself also ten under score and i guess the files were blank.txt and test.txt so i figured ten under score 1. b 2. l 3. a 4. n 5. k 6. 7. t 8. e 9. s 10. t lol so try "t" lmao but i seriously doubt that Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 13, 2008 Share Posted November 13, 2008 I have a 35MB word list that i ran and nothing popped up.. i quite for now but once someone gets the pass ill try again. Quote Link to comment Share on other sites More sharing options...
X3N Posted November 13, 2008 Share Posted November 13, 2008 interestingly i found a password that works to open the archive. try the password "ablins" without quotes. The only thing i dont get is that it shows theres nothing in the file. So if this isnt the right password then why does it work to open the file? I think im more confused now... i also wrote a little python rar/zip password dictionary tester program.... import os import sys import fileinput rarfile = " "+"arr_pirate.rar" arg1 = "x " arg2 = "-p" prog = "7z"+" " f=open("1dict.txt") def crack(): while 1: line=f.readline() password=line[:-1] line=f.readline() command_str = prog+arg1+arg2+password+rarfile result=os.system(command_str) print command_str crack() this uses the 7z.exe from 7zip. It does zip and rar. This would also work with rar.exe if you modify the code. Also as a disclaimer. I suck as python right now so any suggestions on making this code better would be appreciated. Quote Link to comment Share on other sites More sharing options...
X3N Posted November 13, 2008 Share Posted November 13, 2008 heres the output from 7z 7-Zip 4.58 beta Copyright © 1999-2008 Igor Pavlov 2008-05-05 Processing archive: arr_pirate.rar No files to process Files: 0 Size: 0 Compressed: 15732 7z x -pablins arr_pirate.rar I also tried it with the gui which opened it but doesn't show any files in it. However when i tried it with rar.exe it says CRC failed... so im guessing something else may be going on here... Quote Link to comment Share on other sites More sharing options...
digip Posted November 13, 2008 Share Posted November 13, 2008 interestingly i found a password that works to open the archive. try the password "ablins" without quotes. The only thing i dont get is that it shows theres nothing in the file. So if this isnt the right password then why does it work to open the file? I think im more confused now... i also wrote a little python rar/zip password dictionary tester program.... import os import sys import fileinput rarfile = " "+"arr_pirate.rar" arg1 = "x " arg2 = "-p" prog = "7z"+" " f=open("1dict.txt") def crack(): while 1: line=f.readline() password=line[:-1] line=f.readline() command_str = prog+arg1+arg2+password+rarfile result=os.system(command_str) print command_str crack() this uses the 7z.exe from 7zip. It does zip and rar. This would also work with rar.exe if you modify the code. Also as a disclaimer. I suck as python right now so any suggestions on making this code better would be appreciated. ablins does not work if you tyr it in winRAR but it does in 7zip, only it shows nothing in 7zip. I wonder of the header should be changed to 7zip and then try it what woudl happen?? Quote Link to comment Share on other sites More sharing options...
X3N Posted November 13, 2008 Share Posted November 13, 2008 heres another dump of a password that spits out some interesting stuff F:\crypto>rar x -pabey arr_pirate.rar RAR 3.61 Copyright © 1993-2006 Alexander Roshal 14 Sep 2006 Shareware version Type RAR -? for help ê2î→▬¥-+ÄÿåZ«-}+HoUédT▌▌îYêcY++♠)W☻↨É∟Jáj5¬=ú+←▬+n+2E!JL°%YXÉ~▌£Ü-ÑS☺&ì.l 0♫LE-g_♥2-k -♂~SA£#r↑k948{▌▌!n·B+\+¿;+<↨+9|B-⌂g-++£+f»- EÜ▌F}♦LölûÉv▌↕W*zvM▌²'+hr♦8D ? ÑGU▌8G+}{▌ajó+åÿÑo☼[e♥à]SWs*☻ -2W¼5ùo-8v+§2ßîg▌2åƒoª+?]Äoµ-á+ßßn☻▌vP]v)=~gæ8F ↑-++W¢_Ѳe%-*p-lÇ▲+O"<ü·Å▲+s- {Ä♫7u+ò6cA☻Vë@t\f¬J-ÿ!ä9¬ßsnP;¬0=ôܪw+=K▌m`+☻p°ûat º↔X_▌d²½S∟M▼4+☺xÄ-^ßW|aY*♣'▌tuì+=·)GÄ+▲9←òí+♠¬N`ñMg-edèMLR◄}J+"°Y▌+}_Z²+S w½n+ª↕ ÅÅ+♥á+n⌂-5Ü♠F~t▬O}·▌q+B+1+ i♣tQS_↨ ,sFh←↑ü=RYy▌ܶ‼ÆIJ'▬TpÑ+☻▌_☺p(ƒ \2H▌T-ï»▌:¡+{ å )▲I+ƒ▌}}5_|-[üc-◄&G▬\++M++"-vya=+¼> Kb⌂-▌☼H☺o÷+-++çï-æò)|]▌oòH;+;=nT ÖƒB1¬Ö¬-♦+▌`$ü1Q3ä+∟A▌+-♂c;ÅÆ)CfM-+Ií▌>↨i²T¡*_♂>-+Ñ☼►íù|»T+Å ▌¢ñxa6·ô▌96Æ4=Où D▬↕9æÇǧ+▌§▌ît(+¬a8<\&‼ùâ▬o_ÿ¢ë☻e+▬»▌4¬▌±↕)+S∟¿▬ Z¥UOö+¼\+) 3(zpn½!♂O▌ô♥=æNw$nf{r-~I=L-·O¢+)átû▌c7tGRl♀ñÑTY"O'là}¶▌»ªs▬H+∟yü Ö+s-d'-:8~bT§+3Xñ→-▌I-É+u▌m▲á+↔S▌ƒLv(wSP☺4▌▌^ów+ A+gÖû²}Z▌G-n& ·à▌¢DMU-p!◄$◄++‼-,ôàù→+▌Z%æ→-1aYï - the file header is corrupt Encrypted file: CRC failed in arr_pirate.rar (password incorrect ?) No files to extract Quote Link to comment Share on other sites More sharing options...
X3N Posted November 13, 2008 Share Posted November 13, 2008 http://dl.getdropbox.com/u/332413/rarpass.py http://dl.getdropbox.com/u/332413/1DICT.TXT http://dl.getdropbox.com/u/332413/UnRAR.exe also a little base64 converter program http://dl.getdropbox.com/u/332413/base64decode.py The new and improved dictionary attack unrarer. Still needs some error handling work though but works ok for watching the output of weirdness from this arr_pirate.rar file... Quote Link to comment Share on other sites More sharing options...
X3N Posted November 13, 2008 Share Posted November 13, 2008 Just some more information gathered. The header for an encrypted rar is this 526172211A0700CE9973 The header of an unencrypted rar is 526172211A0700CF9073 The difference being the CF90 vs CE99 but both translate to the same thing in ascii. Quote Link to comment Share on other sites More sharing options...
X3N Posted November 14, 2008 Share Posted November 14, 2008 anyone have any success? or anymore ideas? i have a couple questions for plunk. does the file require any repairing? and if not then is the password guessable? guessable meaning using logic or word relationships is it figure-outable by a human? also are there any more clues to be found on or in the file in order to figure out the password? also when trying to use certain passwords with either rar.exe unrar.exe and 7z.exe it will spit out trash and say the file header is corrupt. is that just a bufferoverflow from the .exe or is that something having to do with what you did to the file? and one more thing... will we have to brute force the password or not? with that said... if anyone is still interested in figuring this out then i suggest we start compiling a list of methods of figuring it out. Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 14, 2008 Share Posted November 14, 2008 I think im done.. I will make a new one later and give hints.. That way we can work our selfs up to a certain level of knowledge.. I would like if each of us took turns that way not just one person was making them and it became a community thing. Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted November 14, 2008 Share Posted November 14, 2008 Link to the new thread.. I am going to start out easy and gradually increase difficulty. HERE Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.