Nice Security, But Not When You Forget The Password

[Anonymust]

Security Rules!

But not when your the one who created the extra security feature and cant remember the password.

I just scanned out one of my old laptops (last usage was 3 years ago because the screen was broken) and retrieved what ever files were on it.

and then i DBAN (Darik's Boot And Nuke) the poor 80GB HDD (

Now i got a zip file in 5 parts with pictures... ( i know what pictures are in there, and they weren't meant for no one's eyes but mines hehe)

Back then i used to change my passwords for everything every 3 months! (and i still do)...

Now the sucky part is i cant recall what password I used 4 years ago :S

So i cant unzip the file!

How do i retrieve such a password, other than brute force?

[Sparda]

How do i retrieve such a password, other than brute force?

Use a time machine to ask your self what the password is.

[Anonymust]

Use a time machine to ask your self what the password is.

I dont own a Mac :) hahah

But seriously I don't want to delete these pictures, i just need to unzip them

they are split as the following

*****.zip.001

*****.zip.002

*****.zip.003

*****.zip.004

*****.zip.005

Where **** is the name of the zip file its self,

it may be a lousy 21 MB set of pictures, but it contains 119 pictures ( I guess I got other pictures in there also)

[digip]

Do you have a CUDA capable nvidia GPU? Backtrack has a rar cracker and I think also a zip cracker that can use CUDA enabled nvidia GPU's to speed up cracking, probably get it done in an hour or two if you have the right hardware setup. Shame it's not a rar file, as my friend Martin has an online cracker for all sorts of stuff you can uplaod directly to, but ZIP isn't listed on his site. http://tools.question-defense.com/rar-password-cracker/ He's also one of the guys behind getting the CUDA cracking power into backtrack, so maybe check his posts on the BT forums for how to use CUDA with BT: http://www.backtrack-linux.org/forums/members/purehate.htm

[BattZ]

http://en.wikipedia.org/wiki/CUDA#Supported_GPUs

Check to see if your card is on there for CUDA.

[Anonymust]

Do you have a CUDA capable nvidia GPU? Backtrack has a rar cracker and I think also a zip cracker that can use CUDA enabled nvidia GPU's to speed up cracking, probably get it done in an hour or two if you have the right hardware setup. Shame it's not a rar file, as my friend Martin has an online cracker for all sorts of stuff you can uplaod directly to, but ZIP isn't listed on his site. http://tools.question-defense.com/rar-password-cracker/ He's also one of the guys behind getting the CUDA cracking power into backtrack, so maybe check his posts on the BT forums for how to use CUDA with BT: http://www.backtrack-linux.org/forums/members/purehate.htm

Sadly I got a ATI Radeon HD 3200 :) I told my brother not to buy me this AMD computer :(

Can an nVidia card work on an AMD processor? I wanted to upgrade anyways mines ia onboard GPU.

I want to be able to play World of Warcraft games on dual screens :P

[Charles]

Nvidia works fine with Intel or AMD processors. Same with ATI.

I just like Nvidia better. :P

I think there are services that can crack zip passwords, but I don't know how they work exactly.

Edited August 24, 2010 by Charles

[Anonymust]

Nvidia works fine with Intel or AMD processors. Same with ATI.

I just like Nvidia better. :P

I think there are services that can crack zip passwords, but I don't know how they work exactly.

I'm considering on buying Advanced Archive Password Recovery [link]

:(

[Sparda]

Epic waste of money.

Tried open source tools? http://sourceforge.net/projects/cracx/

http://sourceforge.net/projects/?q=bruteforce

[sablefoxx]

http://www.wpacracker.com/ (supports .zip files)

[Gianluca]

that's weird. Is it really true you can't even remember the resemblance of that password? (some character, the meaning at least). Does it was a completely random password?

I think that would have been better to exploit the OS information leaking. I mean, to create a dump of the entire laptop disk drive and brute force the zip password against it (offsetting the candidate password byte by byte and using multiple lengths). In some cases OS paging can help you to recover lost passwords...

Edited August 26, 2010 by gianluca ghettini

[Anonymust]

that's weird. Is it really true you can't even remember the resemblance of that password? (some character, the meaning at least). Does it was a completely random password?

I think that would have been better to exploit the OS information leaking. I mean, to create a dump of the entire laptop disk drive and brute force the zip password against it (offsetting the candidate password byte by byte and using multiple lengths). In some cases OS paging can help you to recover lost passwords...

Working on a brute force now.... hey man its a OLD file haha i know my passwords used to vary from 4 characters to like 18 characters! So it might take me some time (already running a brute force for uhm... 2 days now) but my computers is a bit slow, and im running the attack in a VirtualBox WinXP

Hopefully at the end *somewhere between 1 week to 2 months* I get the files out

[Mr-Protocol]

Virtual machine will get you nowhere. You need something with GPU acceleration.

Brute force takes years on longer passwords even with GPU.

My thought is... The files aren't worth it. Whatever ex girlfriend pr0n pics they are... let em go lol.

[Anonymust]

Virtual machine will get you nowhere. You need something with GPU acceleration.

Brute force takes years on longer passwords even with GPU.

My thought is... The files aren't worth it. Whatever ex girlfriend pr0n pics they are... let em go lol.

LOL

LOL and LOL again! its not pȱrɳ man lol,

Those things i don't save, they might just fall into the wrong hands! and i wouldn't like that people need privacy :)

Just tryna get my lovely pictures back! i remember the day, but with the picture i can say "a thousand words"

[Gianluca]

add some bias to your brute force search! You MUST have some clue about your password. It was a random 18 key ascii password? I don't think so... or you're another rain man... joke!

If you are spanning the entire ascii space you'll not see the end, even with password key length = 8

but... in the meantime, have u changed gf? If so, what's the deal?

another tip:

I don't know exactly but if the zip file includes the hashed version of the password (to detect quickly the wrong passwords, for example), grab the hash, identify the hash function (from the zip specs) and try some rainbow tables. It's much faster than brute forcing using the zip file api functions because u can use some serious reverter like rainbow-crack or cuda, not thoose shitty zip file recovery programs.

Edited August 27, 2010 by gianluca ghettini

[Infiltrator]

Elcomsoft can crack almost anything, if you have lots of computer processing power.

http://www.elcomsoft.com/edpr.html

[Gianluca]

LOL

LOL and LOL again! its not pȱrɳ man lol,

LOL

it IS definitely pr0n...

if not, why so much dedication? :lol: :lol:

[digip]

Elcomsoft can crack almost anything, if you have lots of computer processing power.

http://www.elcomsoft.com/edpr.html

I didn't see anything in there for ZIP or RAR files though.

[Anonymust]

Elcomsoft can crack almost anything, if you have lots of computer processing power.

http://www.elcomsoft.com/edpr.html

I didn't see anything in there for ZIP or RAR files though.

I think they meant http://www.elcomsoft.com/archpr.html

The "Advanced Archive Password Recovery" by Elcomsoft

[Infiltrator]

I think they meant http://www.elcomsoft.com/archpr.html

The "Advanced Archive Password Recovery" by Elcomsoft

Thank you for correcting me.

[JSee000]

Since you're trying to crack password protected zip-files (and not .rar) maybe this will help: http://www.securiteam.com/tools/5NP0C009PU.html