How to crack password protected rar and 7z files
on GNU / Linux
RarCrack is able to crack rar and 7z archive files protected
by password on Linux.
The program is currently at release version 0.2, so its far from
perfection, but at least it can break rars.
RarCrack is currently installable on most Linux
distributions only from source, to install on a random Linux
distro, download and
make && make install .
RarCrack's
official site is here, I've
mirrored the
current version of RarCrack for download here . To install
rarcrack from source using the mirrored version:
linux:~# wget
http://pc-freak.net/files/rarcrack-0.2.tar.bz2
...
linux:~# tar -jxvvf rarcrack-0.2.tar.bz2
linux:~# cd rarcrack-0.2
linux:~/rarcrack-0.2# make
...
linux:~/rarcrack-0.2# make install
...
On FreeBSD,
rarcrack is available and installable via the
ports tree, to install on FreeBSD:
freebsd# cd /usr/ports/security/rarcrack
freebsd# make && make install
...
To use
RarCrack to crack rar, zip or 7z archive file:
freebsd% rarcrack rar_file_protected_with_password.rar --type
rar
The argument
--type rar is optional, in most archives
RarCrack should detect the archive automatically. The
--type
option could also take the arguments of
rar and
7z
.
I've created a
sample rar file
protected with password linux_then_and_now.png.rar . The
archive
linux_then_and_now.png contains a graphic file
illustrating the linux growth in use in computers, mobiles and
servers.
linux_then_and_now.png.rar is protected with the
sample password
parola
RarCrack also supports threads (a simultaneous instance
spawned copies of the program). Using threads speeds up the process
of cracking and thus using the
--threads is generally a good
idea. Hence a good way to use rarcrack with the
--threads
option is:
freebsd% rarcrack linux_then_and_now.png.rar --threads 8
--type rar
RarCrack! 0.2 by David Zoltan Kedves (kedazo@gmail.com)
INFO: the specified archive type: rar
INFO: cracking linux_then_and_now.png.rar, status file:
linux_then_and_now.png.rar.xml
Probing: '0i' [24 pwds/sec]
Probing: '1v' [25 pwds/sec]
One downside of
RarCrack is its extremely slow in breaking
the passwords on my Lenovo notebook - dual core 1.8ghz with 2g ram
it was able to brute force only 20-25 passwords per second.
This means cracking a normal password of 6 symbols will take at
least 5 hours.
RarCrack is also said to support cracking
zip
passwords, but my tests to crack password protected zip file did
not bring good results and even one of the tests ended with a
segmentation fault.
To test how
rarcrack performs with
password protected zip
files and hence compare if it is superior or inferior to
fcrackzip, I used the fcrackzip's sample pass protected zip
noradi.zip
hipo@noah:~$ rarcrack --threads 8 noradi.zip --type zip
2 by David Zoltan Kedves (kedazo@gmail.com)
INFO: the specified archive type: zip
INFO: cracking noradi.zip, status file: noradi.zip.xml
Probing: 'hP' [386 pwds/sec]
Probing: 'At' [385 pwds/sec]
Probing: 'ST' [380 pwds/sec]
As you can see in above's command output, the zip password cracking
rate of approximately 380 passwords per second is a bit quicker,
but still slower than
fcrackzip.
RarCrack seg faults if cracking a pass protected zip
is passed on without specifying the
--type zip command
arguments:
linux:~$ rarcrack --threads 8 noradi.zip
RarCrack! 0.2 by David Zoltan Kedves (kedazo@gmail.com)
Segmentation fault
While talking about cracking
protected rar and zip archives with
password, its worthy to mention creating a password protected
archive with Gnome Desktop on Linux and FreeBSD is very easy.
To
create the password protected archive in Gnome graphic
environment:
a. Point the cursor to the file you want to archive with
password
b. Press on Other Options and fill in the password in the
pwd dialog
I think as of time of writting, no GUI frontend interface for
neither RarCrack or FcrackZip is available. Lets hope some good guy
from the community will take the time to write extension for Gnome
to allow us to crack rar and zip from a nice GUI interface. Cheers
;)