Password Recovery/Cracking FAQ (c), 1999-2000, 2006 v. Where can I get the latest version of this FAQ? What is a 'password cracker'? Why is it possible to crack somebody's password?

What are the main cracking methods? What should I do to make my passwords uncrackable? What is the difference between password, key and hash?

Tested, mostly free password recovery software with benchmarks and. How can I recover self-extracting archives. How can I crack password for e-mail, www. Normally.exe file is a Windows executable file, i.e. However.exe file may contain ZIP or RAR file archive inside (so called self-extracting archives). This archive may be password protected. To break password protected self-extracting archive (.exe file) you can use Zip Password or Rar Password program.

How difficult is it to crack keys of different length? How can I estimate time needed to use brute-force for passwords of a certain length?

Application passwords • 3.1.1. Is it possible to crack (ARJ, ZIP, RAR etc) password instantly? How to recover ZIP passwords? How to recover RAR passwords? How to recover ARJ passwords? How can I recover self-extracting archives passwords?

Is it possible to crack Office 95 passwords? Is it possible to recover Office 97/2000 passwords? Драйвер Geforce Fx 5500 Windows 7. What is the best way to decrypt Word/Excel 97/2000 file with password for opening? Is it possible to recover Office XP/2003 passwords? What is the best way to crack Word/Excel XP/2003 file with password for opening? What about PDF documents protection?

Operational systems passwords • 4. Mary Ann Sieve Shaker Manual Lawn there. 1.1. How can I log into a Windows NT/2000/XP/2003 computer without knowing the administrator's password? How can I bypass the administrator's password in the NT/2000/XP/2003 domain?

How can I crack a password in Windows 95/98/Me? How can I crack a password for Windows shared resources? I don't have access to the computer. Is it still possible to crack the administrator's password? How can I log into a Linux computer without knowing the root password?

What is the encryption-system used in Novell Netware and is it possible to crack it? Can I get dial-up passwords? Can I decrypt ICQ, POP3, FTP, Telnet password in. How can I crack password for e-mail, www-server etc? What archivers provide the best encryption? What are strong file/disk encryption tools?

What tools are known to be not strong? What cryptographic systems or applications have backdoors? Where can I get the above password recovery? Where can I get the password recovery for.?• 7.2. The password recovery I have found is shareware/commercial. How to crack it?• 7.3. I can't find the necessary cracker.

What could I do?• 7.4. Is there any software that will help me to write my own cracker?• 7.5. What is the best (fastest) cracker for.? Is password recovery legal? Main info 1.1. Where can I get the latest version of this FAQ? The main URL is.

What is a 'password cracker'? Password cracker is any program which can decrypt passwords or otherwise disable password protection (e.g.

Decrypt file without knowing the password). If mechanisms of password protection use weak encryption, than it is possible to recover the original password or pick a new one, considered to be correct. Otherwise, password crackers can use brute force method trying words after word, often at high speeds. Why is it possible to crack somebody's password? There are many reasons that make it possible to crack some passwords. These reasons include human factors such as short or easily-guessing passwords, usage of weak (proprietary) algorithms, export restrictions that prohibit usage of strong cryptography, incorrect usage of strong algorithms, some implementation flaws including backdoors, bugs etc. It's described in details in the article.

What are the main cracking methods? These methods are based on vulnerabilities existing in cryptoalgorithms and their implementation. In case of absolutely weak algorithm or terrible flaws in implementation it may be 'one byte patching' method - then simply changing one byte in the program will result in correct decrypting without right password. It is surprising fact that such programs still exist. Weak algorithms or incorrect usage of strong ones allow using other simple methods of password recovery. They vary in specific applications but the main idea is substantial reducing of possible passwords on the basis of additional information. In case of secure algorithms (when attacker can only generate passwords and check them) two main methods exist - brute force attack and dictionary attack.

Brute force attack is used when there is no additional information on password and attacker simply tries all possible passwords - one-characters, two-characters etc. To resist this attack the cryptosystem should encourage long mixed-characters password and should have long password setup time that significantly decreases brute force speed. If cracker knows that the password is a certain word he may use dictionary attack. Then only words from dictionary are tested as password candidates. The dictionary contains less than 100.000 words so they can be tested very quickly - in most cases in a few seconds.

The combination of two attacks mentioned above is known as ' syllable attack'. It may be used when password is deformed or unexisting word is used, and the cracker can combine the syllables to get such a word.

The most powerful attack is 'rule-based attack'. It can be used in any case when cracker obtains some information about the password he wants to crack. For example, he knows that password consists of the word and one- or two-digit number. He writes the rule and the program generates only suitable passwords ( user1, mind67, snapshot99 etc).

Another example - he knows that the first letter is in upper case, the second is a vowel and the password length is not greater than 6. This information can decrease the number of possible passwords in 20-30 times.

This method includes all - brute force, dictionary and syllable attacks. Finally, some weak algorithms allow 'known-plaintext attack'.

It means that the cracker has some files or file fragments in un-encrypted form and wants to decrypt others. Strong cryptoalgorithms successfully resist this type of attack - the knowledge of un-encrypted file will give nothing to cracker. What should I do to make my passwords uncrackable? First, choose the software that uses strong cryptography and implements it correctly (see 5.2). Then always choose the passwords that are non-words, contain mixed-case letters and digits, and have reasonable lengths (not less than 6 symbols). The best way is to use randomly generated password (if you can remember it).

If you can't then it is better not to write the password down on your desktop but choose more convenient one (for example, it could contain the first letters of you favorite phrase - if cracker doesn't know this phrase!). You should not use the same password in different systems or for different internet sites. Some theory 2.1. What is the difference between password, key and hash? These terms, which are entirely different in cryptography, are often mixed up.

Password - is that very word, word combination or meaningless character set which we enter answering some programs' request. However, these programs do not use passwords for encryption, they just get keys from them. Encryption keys are bit strings (0 or 1) of different length, 40, 64 and 128-bit keys are most widely used.

So, to decrypt anything you need to know either password or the key itself. To get a key from a password the hashing operation is often used. Hashing is a rather complicated cryptographic function, which is getting a string of any length at the input and generating a bit-string of fixed length (hash) at the output. It has to main characteristics: even a minor modifying of the input string leads to complete change of the output hash value; and it's practically impossible to find the input string knowing the hash value. How difficult is it to crack keys of different length? The longer is the key, the more difficult it is to crack it.

For example, a 40-bit key can be easily cracked within a couple of days by anyone of us using brute-force on a modern home computer. But to crack a 64-bit key you need to join powers of many computers in the internet, and all the process will take some months. And as for 129-bit keys, no one can crack them at all: neither all the computers in the world working all at once, nor Microsoft or FSB (provided that they don't have new secret technologies, which are unfamiliar to public science). How can I estimate how much it will take me to use brute-force for passwords of a certain length? Quite simply.

Try to gauge how many different symbols could have been used in making the password (if you take only lower-case latin letters - then 26, if digits, too - then 36 - see the table below), raise it to the power of the password length - and you will get the number of all possible variants for brute-force. Then you should divide this number by the brute-force rate. To find this rate you can run the cracker with some test file.

If you use n computers, this number should by also divided by n.