Recovering a WinRAR Archive Password

Passwords are great, and most of the time it’s safe to forget one of them. If you forget your password to some online service, you’re (almost always) able to restore it via some web interface. If you forget your Windows password (not including Windows 8, perhaps?) you’re able to alter or wipe it using some live system running off a CD or USB-thumbdrive.

Forgetting an encryption password is a bit worse, since the entire point of encryption is to make the information unreadable unless you have the right key. Some systems have recovery measures in place, but far from all. So if you forget the password to your RAR archive, what can you do?

Some of the compression archive formats support password protection (which is encryption), but this post only covers how to recover WinRAR passwords.

And recovering is a nice word for cracking. And no, you’re not allowed to crack other people’s archives.

Step 1: Download cRARk

You’re able to get the software from cRARk.net for free. There are both Windows and Linux versions available, each with and without GPU support. While I haven’t had the pleasure of testing the GPU versions, generally utilizing the GPU makes the entire process a lot faster.

Step 2: Extract

Extract the archive. I’ll leave this to you. I reckon you must already be able to handle RAR files, since you are recovering the password for one =).

Step 3: Run

Open a terminal (or cmd.exe, if you are on Windows) and navigate to the folder where you extracted the archive. In Windows, you can hold Shift and right click – and then click “open command window here”.

On Linux using the non-GPU version, you can type:

./crark-hp -g15 -ptest.def myarch.rar

The first part is the binary (program) used. “./” indicates that we want to run the program named crark-hp in our current folder. You can try to use crark as well, but it failed to detect the RAR version for my test archive.

“-g” defines the maximum password length that the program will search through. “-g15” sets this limit to 15 characters. You can use the “-l” flag to set the minimum length. Note that there is no space between a flag and its value.

“-p” sets the password definition file. The standard is default.def, which you will have to create yourself. Specify the file explicitly so you know which rules you are running. More about this later on.

“myarch.rar” specifies the RAR file to use.

Step 4: Done (or not?)

cRARk will notify you when it has either found your password or exhausted the key space (searched everything and found nothing).

About password definition files

The password definition files basically define which passwords should be tried. We are performing a brute force attack, but can specify what set of characters to use. cRARk comes with good documentation on how to write this file, and what can be used to efficiently recover passwords. You can find the chapter on the definitions here.

An example would be (haven’t tested this one, beware typos):

$a = [abcdefghijklmnopqrstuvwxyz]
##
$a *

Or look at the sample english.def.
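How much work a definition like the one above asks for depends on the character set and the “-l”/“-g” limits. The following is an added example, not part of the original post or of cRARk: it counts the candidates and estimates the worst-case run time. The rate of 5,000 candidates per second is an assumed placeholder; use the speed cRARk reports on your own machine.

```python
# Added example: size of the search space set by a charset and the -l / -g limits.

def keyspace(charset_size: int, min_len: int, max_len: int) -> int:
    """Count candidate passwords whose length is in [min_len, max_len]."""
    if charset_size < 1 or min_len < 1 or max_len < min_len:
        raise ValueError("need charset_size >= 1 and 1 <= min_len <= max_len")
    return sum(charset_size ** n for n in range(min_len, max_len + 1))


def worst_case_seconds(candidates: int, rate_per_second: float) -> float:
    """Time to try every candidate at a fixed rate (password found last)."""
    if rate_per_second <= 0:
        raise ValueError("rate_per_second must be positive")
    return candidates / rate_per_second


def human(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    units = (("years", 365 * 86400), ("days", 86400), ("hours", 3600), ("minutes", 60))
    for unit, size in units:
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.1f} seconds"


def report(charset: str, min_len: int, max_lens, rate: float):
    """Return (max_len, candidates, readable worst-case time) per max length."""
    size = len(set(charset))  # duplicate characters add no new candidates
    rows = []
    for max_len in max_lens:
        n = keyspace(size, min_len, max_len)
        rows.append((max_len, n, human(worst_case_seconds(n, rate))))
    return rows


if __name__ == "__main__":
    LOWERCASE = "abcdefghijklmnopqrstuvwxyz"  # same set as $a in the definition above
    ASSUMED_RATE = 5_000.0  # candidates per second; assumed, measure your own
    for max_len, n, eta in report(LOWERCASE, 1, (4, 6, 8, 15), ASSUMED_RATE):
        print(f"-l1 -g{max_len}: {n:,} candidates, up to {eta}")
```

The count grows by a factor of 26 per extra character, so a lowercase-only search up to “-g15” cannot finish; narrow the length limits and the character set to what you actually remember about the password.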

Cheers!
