Many times I have the need to open old rar encrypted files, but since I'm using Apple KeyChain I no longer have the ability to remember passwords, so many times I use abrute force configurable tool Crark
The primary goal of cRARk is to recover (crack) your forgotten password on RAR archives.
Rar/WinRar versions 2.x-3.x-4.x up to 4.0 are supported.
Please bear in mind you have quite no chance to crack unknown password (longer than 6-7 symbols) if you have no additional info about it.
This is command-line utility for Win32, Linux, Mac OS.
RAR security overview
RAR/WinRAR archiver version 2.x used its proprietary, but rather strong encryption algorithm. At least no RAR 2.0 attacks were known except brute force for password recovery.
Starting from version 3.0, RAR has been using a strong AES algorithm, which also doesn't allow any attacks more effective than the brute force. Besides, the key derivation function uses more than 70000 SHA-1 transformations and brute force rate on modern CPU is very low, only several hundreds of passwords per second. This carries inference that RAR 3.x password encryption is one of the strongest between popular encryption systems in the context of brute force rate.
Advantages of cRARk are:
- Absolutely free, but it is not open source.
- One of the fastest RAR password recovery software, uses extremely optimized MMX & SSE code
- Optimization for latest x86 instructions: AVX, XOP, AES-NI for Intel Sandy Bridge and AMD Bulldozer processors
- Support of RAR password recovery on NVIDIA GPU using CUDA technology, and using OpenCL, on NVIDIA and AMD/ATI GPU's
For this tutorial I'll use the mac os x version but I think there aren't any major differences between Mac, Win or Linux versions.
Firs of all unrar download the package and then unrar it into a new folder. The content of the folder will be like the following:
-rw-r--r-- 1 gg1 staff 2085 13 Ago 2010 README
-rw-r--r-- 1 gg1 staff 32953 13 Ago 2010 cRARk.html
-rw-r--r-- 1 gg1 staff 55 13 Ago 2010 crackme.def
-rwxr-xr-x 1 gg1 staff 360580 13 Ago 2010 crark
-rwxr-xr-x 1 gg1 staff 360820 13 Ago 2010 crark-hp
-rw-r--r-- 1 gg1 staff 50021 13 Ago 2010 crark.rus.txt
-rw-r--r--@ 1 gg1 staff 435431 28 Ago 2010 crark33-mac-nocuda.rar
-rw------- 1 gg1 staff 2247 3 Lug 2007 english.def
-rw-r--r-- 1 gg1 staff 151236 24 Lug 2010 rarcrypt-hp1.dll
-rw-r--r-- 1 gg1 staff 137152 24 Lug 2010 rarcrypt-hp2.dll
-rw-r--r-- 1 gg1 staff 100724 24 Lug 2010 rarcrypt1.dll
-rw-r--r-- 1 gg1 staff 119352 24 Lug 2010 rarcrypt2.dll
-rw-r--r-- 1 gg1 staff 4393 13 Ago 2010 readme.rus.txt
-rw------- 1 gg1 staff 3232 3 Lug 2007 russian.def
-rw------- 1 gg1 staff 2763 3 Lug 2007 spanish.def
-rw-r--r-- 1 gg1 staff 3402 13 Ago 2010 versions.txt
The .def fles (yellow highlighted) are the default password files definitions for the specified language. crackme.def is a definition file prepared to crack the crark archive. cRARk.html is a little but useful manual.
crackme.def file contains the following lines:
# Please use -l13 -g18 options
##
designed \ for \ $A *
Copy the crackme.def file onto password.def
$ cp crackme.def password.def
Run crark
$ ./crark -l13 -g18 crark33-mac-nocuda.rar
And wait for the results
cRARk 3.3d Freeware
Copyright 1995-2001, 2006-11 by P. Semjanov,
http://www.crark.net
portions (c) 1993-2005 Eugene Roshal
(c) PSW-soft Password Cracking Library PCL v. 2.0d by P. Semjanov
Testing archive crark33-mac-nocuda.rar : version 2.9
Testing crackme.def : file is not encrypted
Testing crark : file is not encrypted
Testing crark-hp : file is not encrypted
Testing cRARk.html : file is not encrypted
Testing crark.rus.txt : file is not encrypted
Testing english.def : file is not encrypted
Testing rarcrypt-hp1.dll : file is not encrypted
Testing rarcrypt-hp2.dll : file is not encrypted
Testing rarcrypt1.dll : file is not encrypted
Testing rarcrypt2.dll : file is not encrypted
Testing README : file is not encrypted
Testing readme.rus.txt : file is not encrypted
Testing versions.txt : file is not encrypted
Testing crackme
Choosing best crypto functions.............................................................
Chosen: ASM (Northwood/Core 2/iX), SSE2 (P4/AMD) (-f1454)
Ticks per password expected = 14378861, theoretical = 27000000, CPU rate = 1,88
Warning: No charset for ' ' in line 3
Warning: No charset for ' ' in line 3
Processing line 3 of password definition file...
Testing 13-chars passwords ...
Testing 14-chars passwords ...
Testing 15-chars passwords ...
Testing 16-chars passwords ...
Testing 17-chars passwords ...
designed for CUDA - CRC OK
In hex (PCL style): \64 \65 \73 \69 \67 \6E \65 \64 \20 \66 \6F \72 \20 \43 \55 \44 \41
Passwords tested = 67031 (time = 16:27,08, rate = 68 p/s)
Total tested = 67031, slow tests = 8430
the download will not unrar, keeps failing, asking for a password.
One of the files in the rar archive is crypted, so you must extract only the not encrypted files. Don’t try to extract the whole file at once.
i dl. extracted. when prompted for password, i just left it blank. it unzipped.
now i feel stupid. I know its a terminal app.
but what do I do?
If found the instructions (html file in the zip) for a definition file i need to create if i have an idea about hte password. I dont unfortunately.
i dont know what file to run in terminal. or how to run it.
any help be greatly appreciated.
thanks
i dl. extracted. when prompted for password, i just left it blank. it unzipped.
now i feel stupid. I know its a terminal app.
but what do I do?
If found the instructions (html file in the zip) for a definition file i need to create if i have an idea about hte password. I dont unfortunately.
i dont know what file to run in terminal. or how to run it.
any help be greatly appreciated.
thanks
@sea Open a terminal and launch the crark application has shown in the article
$ ./crark -l13 -g18 <your_filename.rar>
— if the password is aaarto, it's not working… please help!
cRARk 3.42 (CUDA enabled) Freeware
Copyright 1995-2001, 2006-12 by P. Semjanov, http://www.crark.net
(c) PSW-soft Password Cracking Library PCL v. 2.0d by P. Semjanov
Testing archive signal.rar : version 2.9
Testing The Signal and the Noise.pdf
CUDA capable device #0 v. 1.1 not found, CPU is used
Choosing best crypto functions…………………….
Chosen: SSSE3 (Core 2/iX), SSE2 (P4/AMD) (-f2676)
Clock cycles per password expected = 13928935/34917840 (*), theoretical = 24805332
Pure SHA-1 clock cycles per byte expected = 3.2/6.5 (*), theoretical = 5.0
Intel(R) Core(TM)2 Duo CPU T8300 @ 2.40GHz found, CPU rate = 1.61 (*)
(*) May be inaccurate if Turbo Boost is on
Warning: No charset for ' ' in line 4
Processing line 4 of password definition file…
Testing 13-chars passwords …
OpenCL aaarto
Passwords tested = 12000 (time = 02:47.69, rate = 72 p/s)
this error,please:
OpenCL device #0 Intel(R) UHD Graphics 630 found, 1150 MHz, 96 SP cores, GPU rate = 0.30
Trying to compile generic OpenCL kernel. Please wait… Successfully.
Running self-test… Successfully.
Choosing best crypto functions………
Chosen: AVX2, AVX, AVX2 (-f346), AES-NI
Clock cycles per password expected = 3241282(SIMD)/15994735 (x64) (*), theoretical = 21172752
Calculating pure SHA-1 clock cycles…
Pure SHA-1 clock cycles per byte expected = 0.8 (SIMD)/3.1 (x64) (*), theoretical = 4.2
Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz found, CPU rate = 5.73 (*)
(*) May be inaccurate if Turbo Boost is on
Error: syntax error in line 1