Many times I have the need to open old rar encrypted files, but since I'm using Apple KeyChain I no longer have the ability to remember passwords, so many times I use abrute force configurable tool Crark
The primary goal of cRARk is to recover (crack) your forgotten password on RAR archives.
Rar/WinRar versions 2.x-3.x-4.x up to 4.0 are supported.
Please bear in mind you have quite no chance to crack unknown password (longer than 6-7 symbols) if you have no additional info about it.
This is command-line utility for Win32, Linux, Mac OS.
RAR security overview
RAR/WinRAR archiver version 2.x used its proprietary, but rather strong encryption algorithm. At least no RAR 2.0 attacks were known except brute force for password recovery.
Starting from version 3.0, RAR has been using a strong AES algorithm, which also doesn't allow any attacks more effective than the brute force. Besides, the key derivation function uses more than 70000 SHA-1 transformations and brute force rate on modern CPU is very low, only several hundreds of passwords per second. This carries inference that RAR 3.x password encryption is one of the strongest between popular encryption systems in the context of brute force rate.
Advantages of cRARk are:
- Absolutely free, but it is not open source.
- One of the fastest RAR password recovery software, uses extremely optimized MMX & SSE code
- Optimization for latest x86 instructions: AVX, XOP, AES-NI for Intel Sandy Bridge and AMD Bulldozer processors
- Support of RAR password recovery on NVIDIA GPU using CUDA technology, and using OpenCL, on NVIDIA and AMD/ATI GPU's
For this tutorial I'll use the mac os x version but I think there aren't any major differences between Mac, Win or Linux versions.
Firs of all unrar download the package and then unrar it into a new folder. The content of the folder will be like the following:
-rw-r--r-- 1 gg1 staff 2085 13 Ago 2010 README
-rw-r--r-- 1 gg1 staff 32953 13 Ago 2010 cRARk.html
-rw-r--r-- 1 gg1 staff 55 13 Ago 2010 crackme.def
-rwxr-xr-x 1 gg1 staff 360580 13 Ago 2010 crark
-rwxr-xr-x 1 gg1 staff 360820 13 Ago 2010 crark-hp
-rw-r--r-- 1 gg1 staff 50021 13 Ago 2010 crark.rus.txt
-rw-r--r--@ 1 gg1 staff 435431 28 Ago 2010 crark33-mac-nocuda.rar
-rw------- 1 gg1 staff 2247 3 Lug 2007 english.def
-rw-r--r-- 1 gg1 staff 151236 24 Lug 2010 rarcrypt-hp1.dll
-rw-r--r-- 1 gg1 staff 137152 24 Lug 2010 rarcrypt-hp2.dll
-rw-r--r-- 1 gg1 staff 100724 24 Lug 2010 rarcrypt1.dll
-rw-r--r-- 1 gg1 staff 119352 24 Lug 2010 rarcrypt2.dll
-rw-r--r-- 1 gg1 staff 4393 13 Ago 2010 readme.rus.txt
-rw------- 1 gg1 staff 3232 3 Lug 2007 russian.def
-rw------- 1 gg1 staff 2763 3 Lug 2007 spanish.def
-rw-r--r-- 1 gg1 staff 3402 13 Ago 2010 versions.txt
The .def fles (yellow highlighted) are the default password files definitions for the specified language. crackme.def is a definition file prepared to crack the crark archive. cRARk.html is a little but useful manual.
crackme.def file contains the following lines:
# Please use -l13 -g18 options
designed \ for \ $A *
Copy the crackme.def file onto password.def
$ cp crackme.def password.def
$ ./crark -l13 -g18 crark33-mac-nocuda.rar
And wait for the results
cRARk 3.3d Freeware
Copyright 1995-2001, 2006-11 by P. Semjanov,
portions (c) 1993-2005 Eugene Roshal
(c) PSW-soft Password Cracking Library PCL v. 2.0d by P. Semjanov
Testing archive crark33-mac-nocuda.rar : version 2.9
Testing crackme.def : file is not encrypted
Testing crark : file is not encrypted
Testing crark-hp : file is not encrypted
Testing cRARk.html : file is not encrypted
Testing crark.rus.txt : file is not encrypted
Testing english.def : file is not encrypted
Testing rarcrypt-hp1.dll : file is not encrypted
Testing rarcrypt-hp2.dll : file is not encrypted
Testing rarcrypt1.dll : file is not encrypted
Testing rarcrypt2.dll : file is not encrypted
Testing README : file is not encrypted
Testing readme.rus.txt : file is not encrypted
Testing versions.txt : file is not encrypted
Choosing best crypto functions.............................................................
Chosen: ASM (Northwood/Core 2/iX), SSE2 (P4/AMD) (-f1454)
Ticks per password expected = 14378861, theoretical = 27000000, CPU rate = 1,88
Warning: No charset for ' ' in line 3
Warning: No charset for ' ' in line 3
Processing line 3 of password definition file...
Testing 13-chars passwords ...
Testing 14-chars passwords ...
Testing 15-chars passwords ...
Testing 16-chars passwords ...
Testing 17-chars passwords ...
designed for CUDA - CRC OK
In hex (PCL style): \64 \65 \73 \69 \67 \6E \65 \64 \20 \66 \6F \72 \20 \43 \55 \44 \41
Passwords tested = 67031 (time = 16:27,08, rate = 68 p/s)
Total tested = 67031, slow tests = 8430