Many times I have the need to open old rar encrypted files, but since I'm using Apple KeyChain I no longer have the ability to remember passwords, so many times I use abrute force configurable tool Crark


The primary goal of cRARk is to recover (crack) your forgotten password on RAR archives. 

Rar/WinRar versions 2.x-3.x-4.x up to 4.0 are supported.

Please bear in mind you have quite no chance to crack unknown password (longer than 6-7 symbols) if you have no additional info about it. 

This is command-line utility for Win32, Linux, Mac OS. 

RAR security overview

RAR/WinRAR archiver version 2.x used its proprietary, but rather strong encryption algorithm. At least no RAR 2.0 attacks were known except brute force for password recovery. 

Starting from version 3.0, RAR has been using a strong AES algorithm, which also doesn't allow any attacks more effective than the brute force. Besides, the key derivation function uses more than 70000 SHA-1 transformations and brute force rate on modern CPU is very low, only several hundreds of passwords per second. This carries inference that RAR 3.x password encryption is one of the strongest between popular encryption systems in the context of brute force rate. 

Advantages of cRARk are:

  • Absolutely free, but it is not open source.
  • One of the fastest RAR password recovery software, uses extremely optimized MMX & SSE code
  • Optimization for latest x86 instructions: AVX, XOP, AES-NI for Intel Sandy Bridge and AMD Bulldozer processors
  • Support of RAR password recovery on NVIDIA GPU using CUDA technology, and using OpenCL, on NVIDIA and AMD/ATI GPU's

For this tutorial I'll use the mac os x version but I think there aren't any major differences between Mac, Win or Linux versions.

Firs of all unrar download the package and then unrar it into a new folder. The content of the folder will be like the following:

-rw-r--r--   1 gg1  staff    2085 13 Ago  2010 README

-rw-r--r--   1 gg1  staff   32953 13 Ago  2010 cRARk.html

-rw-r--r--   1 gg1  staff      55 13 Ago  2010 crackme.def

-rwxr-xr-x   1 gg1  staff  360580 13 Ago  2010 crark

-rwxr-xr-x   1 gg1  staff  360820 13 Ago  2010 crark-hp

-rw-r--r--   1 gg1  staff   50021 13 Ago  2010 crark.rus.txt

-rw-r--r--@  1 gg1  staff  435431 28 Ago  2010 crark33-mac-nocuda.rar

-rw-------   1 gg1  staff    2247  3 Lug  2007 english.def

-rw-r--r--   1 gg1  staff  151236 24 Lug  2010 rarcrypt-hp1.dll

-rw-r--r--   1 gg1  staff  137152 24 Lug  2010 rarcrypt-hp2.dll

-rw-r--r--   1 gg1  staff  100724 24 Lug  2010 rarcrypt1.dll

-rw-r--r--   1 gg1  staff  119352 24 Lug  2010 rarcrypt2.dll

-rw-r--r--   1 gg1  staff    4393 13 Ago  2010 readme.rus.txt

-rw-------   1 gg1  staff    3232  3 Lug  2007 russian.def

-rw-------   1 gg1  staff    2763  3 Lug  2007 spanish.def

-rw-r--r--   1 gg1  staff    3402 13 Ago  2010 versions.txt

The .def fles (yellow highlighted) are the default password files definitions for the specified language. crackme.def is a definition file prepared to crack the crark archive. cRARk.html is a little but useful manual.

crackme.def file contains the following lines:

# Please use -l13 -g18 options


designed \ for \ $A *

Copy the crackme.def file onto password.def

$ cp crackme.def password.def

Run crark

$ ./crark -l13 -g18 crark33-mac-nocuda.rar 

And wait for the results

            cRARk 3.3d Freeware

    Copyright 1995-2001, 2006-11 by P. Semjanov,

     portions (c) 1993-2005 Eugene Roshal

 (c) PSW-soft Password Cracking Library PCL v. 2.0d by P. Semjanov

Testing archive crark33-mac-nocuda.rar : version 2.9

Testing     crackme.def              : file is not encrypted

Testing     crark                    : file is not encrypted

Testing     crark-hp                 : file is not encrypted

Testing     cRARk.html               : file is not encrypted

Testing     crark.rus.txt            : file is not encrypted

Testing     english.def              : file is not encrypted

Testing     rarcrypt-hp1.dll         : file is not encrypted

Testing     rarcrypt-hp2.dll         : file is not encrypted

Testing     rarcrypt1.dll            : file is not encrypted

Testing     rarcrypt2.dll            : file is not encrypted

Testing     README                   : file is not encrypted

Testing     readme.rus.txt           : file is not encrypted

Testing     versions.txt             : file is not encrypted

Testing     crackme                  

Choosing best crypto functions.............................................................

Chosen: ASM  (Northwood/Core 2/iX), SSE2 (P4/AMD) (-f1454)

Ticks per password expected = 14378861, theoretical = 27000000, CPU rate = 1,88

Warning: No charset for ' ' in line 3

Warning: No charset for ' ' in line 3

Processing line 3 of password definition file...

Testing 13-chars passwords ...

Testing 14-chars passwords ...

Testing 15-chars passwords ...

Testing 16-chars passwords ...

Testing 17-chars passwords ...

designed for CUDA - CRC OK

In hex (PCL style): \64 \65 \73 \69 \67 \6E \65 \64 \20 \66 \6F \72 \20 \43 \55 \44 \41 

Passwords tested = 67031 (time = 16:27,08, rate = 68 p/s)

Total     tested = 67031, slow tests = 8430