I have an old rar backup and I am trying to recover the password. I remember the words in the password, but I usually add some numbers and cap some characters (don't know which ones though). I have been trying for days to use a recovery tool to work on it. Most tools have a dictionary option, but they do not combine the words and numbers into permutations . I need to generate some possible passwords base on about 8 words and 1-9, then run the generated list through a recovery app. Any suggestions?
-
Welcome, are you asking for a tool or technique to do that? – Sep 09 '15 at 02:28
-
I am using a dictionary attack tool and technique. Was looking for a way to generate the dictionary. – Cory Sep 09 '15 at 02:32
-
2Questions like this (yes, you're not the only one) are typically solved by writing a custom application or script. – Neil Smithline Sep 09 '15 at 02:37
-
1just found this - may do the trick http://textmechanic.com/Combination-Generator.html – Cory Sep 09 '15 at 02:41
4 Answers
I would recommend to extract the password hash with rar2john, then go with a mask attack with oclhashcat cracking with your GPU to gain some speed. It works well on windows.
simple example with masking: say you know the password contains the string 'password' but the two numbers that follow are unknown. Then, the masking part of the command will look like this:
command: -a 3 password?d?d
keyspace: password00 - password99
- 189
- 1
- 1
- 5
You can use a program that comes with Kali linux called Crunch to create a custom dictionary.
The syntax for Crunch is;
crunch <min-len> <max-len> [<charset string>] [switch]
The -t
switch can be used to add your string into the dictionary.
[-t @,%^] is optional and allows you to specify a pattern, eg: @@god@@@@ where the only the @'s, ,'s, %'s, and ^'s will change. null null@ will insert lower case characters
, will insert upper case characters
% will insert numbers
^ will insert symbols
You can have a look at the manual and full syntax for Crunch here.
- 7,669
- 6
- 30
- 44
There are some good generators available. Crunch is one worth trying https://pentestlab.wordpress.com/2012/07/12/creating-wordlists-with-crunch/
- 283
- 1
- 4