PasswordOne

polin93 · Inscrit le: 01 Mar 2009 Messages: 2 Localisation: RP93

bonjour,

j'ai essayé le programme ça marche tres bien

Mais je n'arrive pas à résoudre les cas suivant :

j'ai un fichier "Z192.rar" dans lequel il y a un dossier "Z" et dans lequel dossier il y a un fichier video nommé A61.flv

j'ai essayé pas mal de combinaison et il me met

--> chemin invalide

ou :

---> You need to start extraction from a previous volume to unpack Z\A61.flv

No files to extract

2e exemple :

j'ai un fichier toto.rar dans lequel il y a un fichier tutu.rar
et dans tutu.rar il y a un fichier "Enature Camp Russian.mov", ce dernier fichier ayant un mot de passe

pb : un rar dans un fichier rar
et Enature Camp Russian.mov = des espaces entre les mots et le dos n'aime pas ?
impossible de changer et de mettre des tirets

merci pour vos lumières

Polin du 93

PasswordOne · Posté le: 02 Mar 2009 07:41 Sujet du message:

Bonjour polin93,

1er exemple :
Quand tu extraits les fichiers avant d'utiliser cRARk, tu as une option : Restaurer le dossier d'origine, qui te permets d'avoir la structure des dossiers d'origine.
Dans ton cas le dossier Z.
Ensuite il te suffit d'utiliser cRARk au niveau du dossier Z depuis une invite de commande pour analyser le fichier A61.flv qui contient un mot de passe.

2ème exemple :
Idem que dans le 1er exemple.
Ensuite il te suffit d'utiliser cRARk au niveau du ficier tutu.rar depuis une invite de commande pour analyser le fichier Enature Camp Russian.mov qui contient un mot de passe.

polin93 · Inscrit le: 01 Mar 2009 Messages: 2 Localisation: RP93

bonsoir

merci pour le tuyau

En effet je suis allé voir les commandes en ligne du programme winrar = c'est pas mal - bien plus puissant que la version classique

en plus dans le help il y a des exemples (fichier manuel de la console Rar en cliquant démarrer --> programmes --> WinRar

7-Zip a aussi des commandes en ligne
WinZip = il faut installer le programme en plus de la version classique

sinon peut tu nous dire quels sont toutes les commandes en ligne de crark, j'ai rien trouvé sur le site à part :

"-p" "-lx" "-g"

merci bien

Polin93

PasswordOne · Posté le: 09 Mar 2009 20:27 Sujet du message:

Bonjour polin93,

Dans le programme compressé, tu as le fichier crark.txt qui contient toute la documentation en anglais :

(THIS WAS THE MACHINE TRANSLATION)
-------------------------------------------------------------
c R A R k
(First & Fastest RAR Cracker)
v. 3.1

(c) Copyright PSW-soft 1995-2001, 2006-2007 by P. Semjanov

THIS PROGRAM VERSION IS DISTRIBUTED "AS IS". YOU MAY USE IT
AT YOUR OWN RISK. ALL THE CLAIMS TO PROGRAM OPERATION WILL BE
REJECTED. THE AUTHOR DOES NOT ALSO GUARANTEE THIS PROGRAM
FUTURE MAINTENANCE AND UPDATE.

This is FREEWARE program, so it can be distributed under the
following conditions: program code is kept unchanged and the
program is distributed in the form of distributive archive.
Any commercial use of this program is prohibited!

1. PURPOSES AND CHARACTERISTICS

The cRARk program is designed to determine a forgotten
password for RAR-archives. This program operates adequately
with RAR-archives versions 2.x and 3.x.

To proceed with cRARk program you need a computer with the
Pentium compatible processor or later. It is recommended to use
as powerful processor as possible (the code is optimized for
Pentium III/4/AMD/Core 2).

cRARk is the tool for professionals, no GUI or great service
is provided. But it tries to maximize your abilities for
passwords definition and to minimize search time. cRARk uses
Password Cracking Library (PCL), a very powerful tool
allowing you to define rules to generate passwords.

The rate of password search should be about of 100 password per
second on modern powerful computer, so finding the 6-characters
password of lower case Latin letters will need about a month.
Rate for dictionary attack is about 50 pass/sec. The stored files
rate is slower and depends of file length.

2. REQUIREMENTS FOR THE INPUT ARCHIVE

To ensure the program to process an RAR-archive under test
successfully, the following requirements are to be met:

- There is at least one encrypted file.
- The password should be not longer than 28 symbols (RAR 3.x).
- For maximum speed, this file must be not stored (-m0 option). If
the program displays the warning about it you could simply remove such file
from archive.
In case of solid-archives, the first file should satisfy these requirements
Therefore, if the files in archive were encrypted
with the different passwords, the password for first file will be found.
cRARk must be working with selfextracting (sfx) and multivolume
arhcives. CRARK-HP is designed for cracking archives with encrypted headers.

3. Working with the program.

To run the program YOU ARE TO CREATE PASSWORD
DEFINITION FILE firstly (see section 4).

This is a command-line utility! You should run it from
command (DOS) prompt.

To run the program you should use:

CRARK [options] archive
or
CRARK-HP [options] archive

The found password is printed in such a form:

truepass - CRC OK
Next it is repeated in hexadecimal PCL-like form (see 4.2.1).

All other messages ARE NOT passwords and are intended as progress
indication of the program.

Options in this mode are:

-lXX - to set password length to XX at least (XX =
0..255, XX = 1 by default). This parameter affects password
length only when '*' is used in its definition (see section
4.2.1);
-gXX - to set password length to XX at most (XX = 0..255,
XX = 8 by default);
-pXXXX - to set the name of password definition file
("PASSWORD.DEF" by default). Long file names are supported under
Windows 95/98 only (not MS DOS or Windows NT);
-b - to perform benchmarking;
-v - debug mode (see section 5.1). It may be used to show
character sets in use. This option generates also all the
passwords according to with their definition; it does not test
but prints them, so you can check their validity.
-fWXYZ - (advanced ) set crypto functions #W,X,Y,Z. Some
information about available functions is printed by -b option.

4. THE USE OF PASSWORD DEFINITION FILE IN CHOOSING OF MODE OF
OPERATION AND PASSWORD SET

Password definition file is the main control file.
Its translation and processing are the main task of PCL
library. Its format doesn't depend on application, to which
PCL is linked, so this library can be used for any password
searching program.

4.1. Password definition file format

Password definition file is an ordinary text file and consists
of two parts: firstly, dictionary and character set
definition, and secondly, passwords definition. The parts are
separated by a line of two '##' symbols:

[ <dictionary> ]
##
<passwords>

The first part may be omitted, in that case password
definition file is to begin with '##' symbols.

Anywhere else the symbol '#' is considered as a comment
beginning.

Space characters and tabs are ignored in password definition
file and may separate any components.

For convenience, let password definition mechanism be our
first concern and character set definition be the second one,
contrary to their position in password definition file.

4.2. Password definition

This is the main part of the file. IT NECESSARILY PRESENTS IN
ANY PASSWORD DEFINITION FILE (PASSWORD.DEF) AFTER THE LINE
'##' and presets password generation rules to be checked later
on. It consists of text lines, each giving its own password
set and mode of operation, i. e. an algorithm of password
search. Each line is in its own right and is processed
separately, so the total number of passwords checked is
computed.

Character sets and dictionary words form password definition.
They preset one or more characters, which will hold the
appropriate position in a password.

4.2.1. Character sets

Character set (charset) is a set of characters, which can
occupy current position in a password (but, of course, only
one of them holds it). These characters may be following:

1) Ordinary characters (a, b, etc.). It means that it is this
character that occupies given position in a password;

2) Shielded characters. Special characters, if ever occur in
the password, are to be shielded. The meaning is identical
with mentioned above. Among these are:

\$, \., \*, \?, \= '$', '.', '*', '?', '='
\], \[, \{, \}, $, $ corresponding brackets;
\ (space character) space character
\XX, where X is a hexadecimal digit
any hex-code character
\0 no character. It is usually
used in conjunction with "real" character (see examples below).

Generally, any character can be shielded except hexadecimal
digits.

3) Macros of character set. It means that current position in
the password can be occupied by any character from the set.
These sets are specified in the first part of password defini-
tion file (see section 4.3.2) and are denoted as:

$a - lower-case Latin letters (26 letters, unless
otherwise specified);

$A - upper-case Latin letters (26 letters, unless
otherwise specified);

$! - special characters (32 characters, unless
otherwise specified);

$1 - digits (10 digits, unless otherwise specified);

$i - lower-case letters of national alphabet (33
letters for Russian alphabet);

$I - upper-case letters of national alphabet (33
letters for Russian alphabet);

$o - other user-specified characters;

? - any character (i. e. all the characters, included
into the macros mentioned above).

NOTE: macros $v and $p (see section 4.3.4) cannot be used for
password definition.

4) Any combinations of the characters mentioned above. It is
written in square brackets. The meaning is identical with
mentioned above. For example:

[$a $A] any Latin letter;
[abc] a, or b, or c;
[$1 abcdef] hexadecimal digit;
[s \0] s or nothing;
[$a $A $1 $! $i $I $o] this is equivalent to ?.

5) Regular duplication character '*'. It means that the
preceding character set is to be duplicated 0 or more times
in corresponding (next) positions of the password. For
example:

$a * - a password of arbitrary length, consisting
of lower-case Latin letters;
[ab] * - space character, a, b, aa, ab, ba, bb,
aaa, ...
[$a $A] [$a $A $1] * - "identifier", i. e. a sequence
of letters and digits with a letter at first
position.

Note that password of zero length is physically meaningful and
is not always the same as no password at all.

The length of duplication is computed automatically by
options, on the basis of given maximum and minimum
password length. Note, that these parameters influence
only password length, generated with the use of '*'
character, and are not taken into account for password,
consisting of words or static characters only. It is
recommended to use '*' as wide as possible. This is because
it allows to perform the most powerful search. Although the
constructions '? *' and '? ? *' seem to be alike from the
logic standpoint, the first one will be searched through
faster.

Current restriction: '*' can be the last character
in the line only.

4.2.2. Dictionary words and their modifiers

The words present several consecutive characters of the
password as opposed to character set. Two dictionaries are
supported in PCL library: main (with ordinary words, as usual)
and user (where special information can be stored, for
example, names, dates, etc.), though there is no difference
between them.

Dictionary is a text file, consisting of words, separated by
the end-of-line characters. Both DOS-format (CR/LF) and
UNIX-format (LF) files may be used. It is desirable (to
increase search rate, among other factors) to use words of the
same (lower) case in dictionaries.

Thus, there are two macros:

$w a word from the main dictionary;
$u a word from the user dictionary.

It is known that altered words are often used as passwords. So
to determine such passwords a whole set of word modifiers is
put into use. Among these are:

.u (upper) to upper-case;
.l (lower) to lower-case;
.t (truncate) to truncate up to the given length;
.c (convert) to convert the word;
.j (joke) to upper-case some letters;
.r (reverse) to reverse the word;
.s (shrink) to shrink the word;
.d (duplicate) to duplicate the word.

Modifiers may have parameters, written in round brackets. For
modifiers, intended for use with single letters, the number of
the letter can be considered as a parameter; no parameters or
null parameter means "the whole word". Letters can be
numerated both from the beginning of the word and from the end.
The end of the word is denoted with the character '-'.

There are only three such modifiers for today: .u, .l, .t. So,
use

.u or .u(0) to upper-case the whole word (PASSWORD);
.u(1), .u(2) to upper-case only the first (the second)
letter (Password, pAssword);
.u(-), .u(-1) to upper-case the last (the next to last)
letter (passworD, passwoRd);
.t(-1) to truncate the last letter in the word
(passwor).

The other modifiers operate with the whole words only and
their parameters give the way of modification. The following
modifier parameters are specified for today:

.j(0) or .j to upper-case odd letters (PaSsWoRd);
.j(1) to upper-case even letters (pAsSwOrD):
.j(2) to upper-case vowels (pAsswOrd);
.j(3) to upper-case consonants (PaSSWoRD);
.r(0) or .r to reverse the word (drowssap);
.s(0) or .s to reduce the word by discarding vowels
unless the first one is a vowel
(password -> psswrd, offset -> offst);
.d(0) or .d to duplicate the word (passwordpassword);
.d(1) to add reversed word (passworddrowssap);
.c(<number>) to convert all the letters in the word
according to the appropriate conversion
string (see section 4.3.3).

All the modifiers operate adequately with both Latin and
national letters, provided that the rules of national
character sets definition are observed. Clearly there can be
more than one modifier (the number of consecutive modifiers
is limited by 63, which is unlikely to be exceeded). For
example: (let $w mean a password):

$w.u(1).u(-) PassworD
$w.s.t(4) pssw
$w.t(4).s pss

4.2.3. Permutation brackets

The problem is widely met, when you remember your password,
but it is not do for some reason. Probably, you have mistaken
while typing it. This program has its own algorithm to restore
such passwords. The following typing mistakes are considered:
two neighboring letters are swapped (psasword), a letter is
omitted (pasword), an unneeded letter is inserted (passweord)
or one letter is replaced with another (passwird). Such
password changes will be referred to as permutations.

To indicate the beginning and the end of that portion of the
password where permutations could appear, permutation brackets
'{' and '}' are used. The bracket '}' can be followed by a
number of permutations (1 by default), separated by a point
(or in round brackets). The physical meaning of the number of
permutations is the number of simultaneous mistakes. For
example:

{abc} - 182 (different) passwords will be obtained,
including:

bac, acb 2 swaps;
bc, ac, bc 3 omissions;
aabc, babc ... 4 * 26 - 3 insertions;
bbc, cbc ... 3 * 25 replacements;
abc the desired word;

{password}.2 or {password}(2) - the following words will
be generated: psswrod, passwdro, paasswor, etc.;

{$w} - all the words, containing one mistake, from the
main dictionary.

Notes:
1) It is obvious that some passwords will be obtained more
than once, so the larger is the number of permutations, the
larger is the number of replicas. Efforts were made in this
program to reduce replicas, but they are purely empirical and
were made for two permutations at most. In other words, for
the large numbers there is no certainty that a particular
password cannot be discarded erroneously. Fanatics of the
theory of combinations can compute the exact number for
{password}.3, for example, then I'll be able to compare it
with that one obtained by the program.

2) For insertion and replacement you are to know the set of
characters to be inserted or replaced. In the event this set
is not specified explicitly (see section 4.3.4), this program
forms it automatically for character sets, in relation to
standard set these characters are from (i. e. for {password}
$a will be inserted, for {Password} [$a $A] will be inserted).
The similar operation with words is performed, based on the
first word from the dictionary with modifiers being taken into
account. In the event this set is specified explicitly, it is
just the set to be used.

3) Current restriction is that the character '{' must
necessarily be the first in the line. Such
expressions as good_{password} remain to be supported, but
{good}_password is quite possible.

4.3. Dictionaries and character sets definitions

All the definitions are set in the beginning of password
definition file up to the characters '##'.

4.3.1. Dictionaries definition

The main and user dictionaries in use (see section 4.2.2) are
initially defined as usual. It is necessary only if you are
going to use words from the dictionaries when defining
passwords, i. e. $w or $u.

The dictionaries are given as follows:

$w = "main.dic" # main dictionary
$u = "c:\\dict\\user.dic" # user dictionary

File name is to be quoted, the path characters are to be
shielded. Long file names are adequate for Windows 95/98 only
(not for MSDOS or Windows NT).

4.3.2. Definition of the character sets in use

Then character sets in use are defined, as usual. They are
classified in two groups: predefined and user-defined.
Predefined sets include:

$a lower-cased Latin letters, 26 letters in all;
$A upper-cased Latin letters, 26 letters in all;
$! special characters {}:"<>?[];\',./~!@#$%^&*()_+`-=\|,
32 characters in all;
$1 digits, 10 digits in all.

User-defined sets include

$i lower-cased letters of national alphabet;
$I upper-cased letters of national alphabet;
$o additional character set (for example, any
non-typable characters).

Character sets are defined as follows:

$<charset> = [ <single> ]

To put this another way, character set is written as
combination of characters (see section 4.2.1), for example:

$i = [ !"#$%&'()*+,-./`abcdefghijklmnoq]
$o = [$! $1 \FF]

NOTES:
1) Any character sets are allowed to be defined, including
pre-defined. For example, you may include additional
characters, such as space character or \FF into the set $!

2) When the sets $i and $I are being defined, the function of
switching between lower/upper case is defined automatically.
So it is important to have letters being ordered uniformly in
these sets.

The full character set '?', consisting of [$a $A $1 $!$i $I
$o] (just such an order is of importance in the next section),
is never formed until all the characters are defined.

4.3.3. Definition of conversion modifiers

Then conversion modifiers .c may be defined (see section
4.2.2) in relation to the certain character set ?. It is
performed with the line of the form

?.c(<a>) = "<conversion>"

Any character from the whole set is converted into an
appropriate character, occupying the same position in
transformation string. For example, let

? = [1234567890], then
?.c(0) = "!@#$%^&*()"

gives transformation identical to that for Shift keystroke.
The characters '\' and ' " ' are to be shielded in conversion
string. The numbers of modifiers may vary from 0 to 255.

4.3.4.Special character sets definition

Among special character sets are:

$v - a set of vowels (in all alphabets being used). It is
needed only when .s and .j modifiers are used.
$p - a set for insertion and replacement for permutation
brackets. It is needed only if automatic generation
of this set does not suit you for some reason (see
section 4.2.3).

These sets are defined in a similar way to the other character
sets.

4.4. USEFUL EXAMPLES OF PASSWORD DEFINITION

0) The most typical password definition, similar to that of
preceding program versions, is "$s(2) $s(3) $a *". It means
that the first three characters, obtained by the program, are
to be used and lower-cased Latin letters are to be added next.

The second password character is determined rather inaccurately, so the
following definition is recommended also:

"$s(1) $a $s(3) $a *" (don't use quotes!)

If you are searching through some other character set, don't
forget to set it to the second position of the password. For
example:

"$s(1) [$! $1] $s(3) [$! $1] *" (don't use quotes!)

1) Let me cite ZEXPL2L program specification:
"Let you have an archive with the password looking like
"Heaven!!!", but you have forgotten, how many !s were there in
the end and what kind of letters lower- or upper-cased were
used: "HeAvEn!!!", "Heaven!" or "HeAven!!!!". But fortunately
you remember your password to be 10 characters at most and 7
characters at least." This password will be written in PCL
language as follows:

"He [aA] v [eE] n ! *" (don't use quotes!)
and options -l7 -g10.

Suppose that among other things you have mistaken while typing
the main part of the password. So the following one is worth
attention:

"{He [aA] v [eE] n} ! *" (don't use quotes!)
and options -l7 -g10.

2) One more citation from the same specification: "Let you
have two variants of the password string: "myprog",
"MyProg", "my_prog" and "My_Prog".

It will be written as:

"[mM] y [_ \0] [pP] rog" (don't use quotes!)

3) It is often recommended to use two meaningful words,
separated by certain character, as a password. The
description is as following:

"$w [$1 $!] $w" or
"$w.u(1) [$1 $!] $w.u(1)" (don't use quotes!)

It should be mentioned that both $w are distinct here (these
are distinct words), so a total of 20000 * 42 * 20000 =
1.68E10 passwords (if there are 20000 dictionary words) will
be generated , i. e. it takes, on the average, less than a day
to crack passwords, considered to be extremely hard for crac-
king. Thus, just two successive words are cracked 42 times
faster.

4) Password consists of exactly six letters from national
alphabet:

"$i $i $i $i $i $i" (don't use quotes!)

But "$i *" and -16 -g6 options are far more efficient.

6) You remember your password to be "MyVeryLongGoodPassword",
but it is not do for some reason. Try to use the following
ones:

"{MyVeryLongGoodPassword}" 2382 passwords in 1 second
"{MyVeryLongGoodPassword}.2" 2836413 passwords in 1 minute
"{MyVeryLongGoodPassword}.3" ??? passwords in 2-3 days

7) You know you password to be a meaningful word with a digit
inserted elsewhere. The definition file is:

$p = [$1] # the insertion set is defined as a set of digits
##
{$w}

8) Syllable attack. You are to set up a dictionary of possible
syllables of your language and then to search through all the
meaningful words by proceeding as follows:

$u # monosyllabic words
$u$u # disyllabic words
$u$u$u # etc.
$u$u$u$u
...

9) In order to run your program in parallel on two computers,
give them the following definition files:

"[abcdefghijklm] $a *" for the first one,
"[nopqrstuvwxyz] $a *" for the second one.

Proceed similarly with n computers.

5. Possible problems (FAQ).

1. How to break and then to continue the search.

The program may be broken painlessly once the message "Testing
XX-chars passwords..." is displayed, and then the search may
be continued with - lXX option (both XX are equal).

2. How to resume search from the password XXX?

In no way as yet. I hope, it will be done in the PCL 3.0.

3. The program has been searching for 10 days, but my password
is not yet at hand.

Alas! It can't be helped. May be your password is too long, or
the search set is wrong. Additional information on the
password is necessary.

4. There are files with different passwords in the archive.
What am I to do?

Just remove (using RAR) files with already known passwords.

5. I have tested your program. To my mind, your program is
nothing but utter error, it cannot even find "aaa2"-like
password.

RTFM. Distributive file password.def searches through only lo-
wer-cased Latin letters. Change your password definition to
"[$a $1] *" and everything will be ok.

6. I've got beginning of one file from archive in plain text.
Will it be useful to me?

No. At least, I couldn't use it. Could you? RAR encryption sources
are available in WinRAR distribution.

7. I'd like to optimize your program. How can I get the sources?

You don't need them. Take UnRar sources and optimize the
SetCryptKeys() function. Next contact me.

8. Is there any option to save program operation log?

Probably, you have never dealt with UNIX. Use

crark [options] > file.

If you don't like this, use "tee" utility.

9. Is is possible to speed-up dictionary attack?

Yes, just sort your dictionary by the words size

10. Your distribution kit is packed with a password in
itself!!! I do not find it funny!

You are reading this file, so you have solved this problem.

6. On PCL library

PCL library is distributed by the author as FREEWARE in the
form of source text as well as .LIB (for Borland, Watcom C) or
.a (for DJGPP) files. The reference to PCL as an obligatory
requirement for your programs. Now it is under development, so
I'll be very glad to any comments on defect and errors in the
program, especially to those guiding the way for improvements
and supplements.

7. How to contact the author

Only by e-mail.

Please don't ask me about how to run the program etc -
I have no time to explain individually.

e-mail: pavel@semjanov.com
WWW: http://www.semjanov.com

Program support URL is:
http://www.password-crackers.com/en/category_99/program_13.html

A lot of free, benchmarked password crackers you'll find at

http://www.password-crackers.com

cRARk is a FREE program, so all the claims will be rejected.
Anyway, I'll be very grateful for pointing out the
serious errors, such as:

- the program hangs up while searching (the lack of displayed
messages is not an evidence of hangup);

- the program cannot find such password in
such archive, although the set of characters in
search is specified correctly

I'll be also glad to any constructive suggestions on
improvements of program operation.

8. Special thanks.

To Eugene Roshal for good encryption algorithm;
To John Vandermeersch <vanderme> for correcting this
docs;
To Phil Frisbie, Jr. (pfrisbie@geocities.com) for CPU
identification function.

Good luck!

Pavel Semjanov, St.-Petersburg.