Night_Reaper Posted January 29, 2013 Posted January 29, 2013 Hi Guys, I've just started a new job and the previous IT guy has left all his old files in encrypted RAR and ZIP files on the network. He's left now and not answering calls, and I need the stuff in those files. Apart from all the crappy brute force software that's coming up on a simple google search does anyone know a quicker way to get into the files? Really appreciate the help! Quote
digip Posted January 29, 2013 Posted January 29, 2013 Probably one of the best tools, http://www.elcomsoft.com/products.html or write your own brute forcer. Without the password, only way to crack it is brute force or get a hold of the person who made the files. Quote
Night_Reaper Posted January 29, 2013 Author Posted January 29, 2013 Thanks for that. I was hoping that I wouldn't have to brute force it. Anyway to pipe it into John the Ripper? Thanks again! Quote
digininja Posted January 29, 2013 Posted January 29, 2013 What do you mean by piping into JtR? JtR is a password cracker in the same way as the Elcomsoft tool is but their tool is specialised whereas John isn't Quote
Night_Reaper Posted January 29, 2013 Author Posted January 29, 2013 Use JtR to run an incremental brute force attack on it. The elmscroft one is fine but im getting 24 p/s which is going to take quite a while! Quote
digininja Posted January 29, 2013 Posted January 29, 2013 you won't get any faster than the Elcomsoft tool, they are the specialists in writing tools like this so there must be a reason they are only running at 24 p/s Quote
no42 Posted January 29, 2013 Posted January 29, 2013 You really want to convince your employer to use the power of the cloud and elcomsoft software, a few processors and gpu's should yield a quicker result. Quote
Jason Cooper Posted January 29, 2013 Posted January 29, 2013 I would suggest targeting the zip files first as the last time I had do a similar task they were a lot faster to crack. Once you have a password try it on all the other zip and rar files (after all he wouldn't be the first person to use the same password for everything). Also you did try a dictionary attack first before going for the brute force attack, didn't you? If he is any good with password choice it would fail, but given the cost of running a dictionary attack is so low you might as well give it a shot (perhaps on an old machine you might have laying around). Quote
Sitwon Posted January 29, 2013 Posted January 29, 2013 I remember using a zip password cracker for VCL back in the 90s, and it worked in a reasonable amount of time on a 133MHz processor. Granted the password was only about 7 characters long, but these days we have much faster processors in our cell phones, you should be able to do a lot better than 24 p/s even with an inefficient shell script. Quote
Sitwon Posted January 29, 2013 Posted January 29, 2013 Here are three open source ZIP crackers I found in less than 1 min on Google. http://oldhome.schmorp.de/marc/fcrackzip.html http://sourceforge.net/projects/zipcrack/ http://sourceforge.net/projects/zipcracker/ Try one of those. Quote
digip Posted January 29, 2013 Posted January 29, 2013 I believe elcomsoft has a GPU version of their cracking tool as well, but don't quote me on that. Either way, should be able to do the trick, or like I mentioned, write your own that uses Cuda or OpenCL type threading against the GPU vs CPU and you speed up the process. I think BackTrack even has some winrar and zip file tools built in, but not sure on the threading and if they allow for OpenCL use, etc. Could take a look at other code examples though and maybe work in your own code to convert them to run agianst a GPU instead of the CPU and then recompile and give it a try that way. Disclaimer** I'm not a programmer, so wouldn't even know where to begin with the converting one program to work from CPU to GPU, but I know people port things like this so it can be done. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.