Certain ZIP and ARJ archives can be unlocked and decrypted in just minutes, provided that you have at least one unprotected file from that archive at your disposal. It does not matter how long and complex the password is. If you have an unencrypted copy of a file from the encrypted ZIP archive, the whole archive can usually be unlocked in minutes by applying a known-plaintext attack. Similar ARJ archives are unlocked instantly. Fast recovery is available only for "classical" encryption, not AES.
The most common virtual machines that can encrypt the entire image are Parallels, VMware, and VirtualBox. However, the encryption strength and the resulting password recovery speeds are vastly different between these VMs. Let us have a look at what the developers of the three VMs do to protect their content.
VMware uses the same AES-128 encryption algorithm. However, its real-world protection is night and day compared to Parallels. VMware uses 10,000 rounds of the stronger PBKDF-SHA1 hash to derive the encryption key from the password. A CPU-only attack achieves around 10,000 passwords a second, so the supported GPU-assisted recovery is strongly recommended. A single NVIDIA GeForce 2070 RTX board boosts the recovery speed to 1.6 million passwords per second. This makes it feasible to find reasonably complex passwords. Still, using a targeted dictionary with reasonable mutation settings is recommended.
Build high-performance clusters for breaking passwords faster. Elcomsoft Distributed Password Recovery offers zero-overhead scalability and supports GPU acceleration for faster recovery. Serving forensic experts and government agencies, data recovery services and corporations, Elcomsoft Distributed Password Recovery is here to break the most complex passwords and strong encryption keys within realistic timeframes.
As its name suggests, RAR Password Unlocker, also named WinRAR password cracker, helps recover lost passwords of RAR files. The program has three ways to retrieve passwords, namely brute-force, brute-force with a user-defined mask, and a dictionary. Moreover, it supports all RAR files created by any program.
The main screen of the program lets you set all the parameters you want. You can choose a RAR file by clicking on the browse button. It also lets you pick the character sets you think the password contains which makes the recovery process faster. Character sets you can choose are Latin, spaces, digits, and symbols. A user-defined character set is also available. Furthermore, you can select the method of recovery by choosing from brute force, mask, and dictionary.
The main screen of the tool allows you to browse the file that you want to be cracked. Clicking on next lets you select the encryption type. Then, you can pick the type of recovery method. The methods available are brief scan, brute-force attack, dictionary attack, phonetic attack, date search, free type validation, and customized search.
The main interface of the program lets you select a ZIP file from your PC. Then, you can select which character set you think the password contains. This character set includes Latin, capital Latin, spaces, digits, and symbols. This accelerates the recovery of the password.
Hashcat enables highly-parallelized password cracking with the ability to crack multiple different passwords on multiple different devices at the same time and the ability to support a distributed hash-cracking system via overlays. Cracking is optimized with integrated performance tuning and temperature monitoring.
John the Ripper offers password cracking for a variety of different password types. It goes beyond OS passwords to include common web apps (like WordPress), compressed archives, document files (Microsoft Office files, PDFs and so on), and more.
Brutus is one of the most popular remote online password-cracking tools. It claims to be the fastest and most flexible password cracking tool. This tool is free and is only available for Windows systems. It was released back in October 2000.
Brutus has not been updated for several years. However, its support for a wide variety of authentication protocols and ability to add custom modules make it a popular tool for online password cracking attacks.
Wfuzz is a web application password-cracking tool like Brutus that tries to crack passwords via a brute-force guessing attack. It can also be used to find hidden resources like directories, servlets and scripts. Wfuzz can also identify injection vulnerabilities within an application such as SQL injection, XSS injection and LDAP injection.
Medusa is an online password-cracking tool similar to THC Hydra. It claims to be a speedy, parallel, modular login brute-forcing tool. It supports HTTP, FTP, CVS, AFP, IMAP, MS SQL, MYSQL, NCP, NNTP, POP3, PostgreSQL, pcAnywhere, rlogin, SMB, rsh, SMTP, SNMP, SSH, SVN, VNC, VmAuthd and Telnet.
Medusa is a command-line tool, so some level of command-line knowledge is necessary to use it. Password-cracking speed depends on network connectivity. On a local system, it can test 2,000 passwords per minute.
RainbowCrack is a password cracking tool designed to work using rainbow tables. It is possible to generate custom rainbow tables or take advantage of preexisting ones downloaded from the internet. RainbowCrack offers free downloads of rainbow tables for the LANMAN, NTLM, MD5 and SHA1 password systems.
OphCrack is a free rainbow table-based password cracking tool for Windows. It is the most popular Windows password cracking tool but can also be used on Linux and Mac systems. It cracks LM and NTLM hashes. For cracking Windows XP, Vista and Windows 7, free rainbow tables are also available.
L0phtCrack is an alternative to OphCrack. It attempts to crack Windows passwords from hashes. For cracking passwords, it uses Windows workstations, network servers, primary domain controllers and Active Directory. It also uses dictionary and brute-force attacks for generating and guessing passwords. It was acquired by Symantec and discontinued in 2006. Later, the L0pht developers reacquired it and launched L0phtCrack in 2009.
Aircrack-ng is a Wi-Fi password-cracking tool that can crack WEP or WPA/WPA2 PSK passwords. It analyzes encrypted wireless packets and then tries to crack passwords via dictionary attacks and the PTW, FMS and other cracking algorithms. It is available for Linux and Windows systems. A live CD of Aircrack is also available.
In this post, we have listed 10 password-cracking tools. These tools try to crack passwords with different password-cracking algorithms. Most of the password cracking tools are available for free. So, you should always try to have a strong password that is hard to crack. These are a few tips you can try while creating a password.
Password-cracking tools are designed to take the password hashes leaked during a data breach or stolen using an attack and extract the original passwords from them. They accomplish this by taking advantage of the use of weak passwords or by trying every potential password of a given length.
Passcovery is Windows-based password recovery software made by a company based in St Petersburg, Russia. With it, you can recover passwords from a large range of popular file formats, including Office, PDF, RAR and zip files, iOS and Blackberry backup files, and TrueCrypt volumes.
The goal of a brute-force attack is to try multiple passwords in rapid succession. But modern CPUs aren't particularly well-optimized for this. While my Sandy Bridge-based workstation can process about 28 million passwords per second, it still isn't using all of its available CPU cycles. Remember that you're only guessing and checking. The above CPU utilization screenshot shows that, while clock rate is of course going to help, this application is able to take advantage of parallelism, suggesting that even more cores would help accelerate the process.
In the past, GPGPU-based password cracking was limited to academia, where graduate students slaved away over custom code that never saw commercial implementation. That's no longer the case. Now there are two GPGPU tools available to anyone with a credit card: Parallel Password Recovery and Accent Password Recovery.
In cryptography, a key is a bit stream of set length, e.g. 40-bit, 128-bit or 256-bit (depending on the encryption method used), that is generated from a password, which is an actual word or combination of characters that is easily remembered by the user. If the encryption method used is not very strong (such as the 40-bit encryption below), then the number of possible keys is low, and each key can be tested until the correct one is found. With stronger encryption methods this is no longer possible, and a dictionary of words and phrases must be used in an attempt to find the correct password (also known as a dictionary attack).
Microsoft Office documents versions 97 and 2000 used what is referred to as 40-bit encryption, using the RC4 and MD5 algorithms, where the key size was artificially reduced to 40 bits (to comply with US export regulations relating to cryptography). This allows a brute-force attack to test all possible key values to decrypt the file, which can be completed in (at most) roughly 3 days of testing. Office XP and 2003 used a combination of 40-bit and newer encryption methods (SHA1, 128-bit RC4 keys and longer password lengths), so some files can be decrypted using the above method while others will need dictionary attacks to attempt decryption. Office 2007 introduced a much more secure method of encrypting documents, using AES and multiple hashing methods to reduce the rate at which passwords can be tested (to approximately 200 a second).
RAR files use AES encryption and methods that slow down the password testing process, so only the dictionary-based attack is possible. Older ZIP files used their own proprietary algorithm, which can be cracked in several hours if certain criteria are met (there needs to be a minimum number of files in the ZIP file). Newer versions of ZIP files can use AES encryption, so only a dictionary attack can be used.
PDF files can use 2 encryption methods: older ones (1.4 and earlier) used 40-bit encryption, whereas newer versions use larger keys (up to 256-bit) and AES encryption, so only a dictionary attack can be used.