How in the Tech

Cracking ZIP, RAR, and 7z Files

By Adam Myers ⋅ April 27, 2008 ⋅ Tags: Linux, Privacy

Nine months ago you did a good deed. In a valiant attempt to clean up your filesystem you compressed and archived a few directories and their contents. Decidingly clever, effort was put towards keeping prying eyes out and your data secure – a password was embedded in the archive file. Without the password, no one could access your data. Time has passed until today, when you’ve realized you need access to one of the files you’ve archived away. What was that password again? There is a solution to your predicament, RarCrack.

RarCrack is a Linux program that applies a bruteforce approach to cracking password protected rar, zip, and 7z files. Brute force has its limitations but in general, it can be quite effective. Besides, what other options do you have at this point?

Download

wget http://downloads.sourceforge.net/rarcrack/rarcrack-0.2.tar.bz2?modtime=1193432831&big_mirror=0

Install

Use

rarcrack your_encrypted_archive.ext [--threads thread_num] [--type rar|zip|7z]

Everything in [] are optional, rarcrack cracks with two threads by default and autodetects the archive type. If the detection is wrong you can specify the correct file type with the type parameter. RarCrack currently cracks with a maximum of 12 threads. After the cracking has started, RarCrack will print the current status to a file. If you want more specific password character set to brute force from, you need to run RarCrack to create the XML status file (3 sec).

Here is a sample XML file with a password character set:

<?xml version=”1.0″ encoding=”UTF-8″?>
<rarcrack>
<abc>0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ</abc>
<current>uU</current>
<good_password></good_password>
</rarcrack>

With a bit of luck you will be able to determine the necessary password. In the same vain, you should take caution in just how easy this can be to crack the next time you wish to password protect a file.