WinRAR question

[rudrax]

Guys, I just get to know here that winRAR stores password in registry..Does anybody know the path?

[SnakeMasteR]

HKEY_CURRENT_USER\Software\WinRAR\Passwords

that are only those, that you entered yourself for later use. ;)

[rudrax]

HKEY_CURRENT_USER\Software\WinRAR\Passwords

that are only those, that you entered yourself for later use. ;)

Thanks..any tricks for breaking a password protected archive comes from other?

[SnakeMasteR]

If WinRAR would store/encrypt passwords from external archives, the password

function would be really useless. ^_^ There are different ways to encrypt unknown

archives, e.g. using RAR GPU or cRARk. If you have no additional info about the

password, it will take a long time anyway. :)

[rudrax]

If WinRAR would store/encrypt passwords from external archives, the password

function would be really useless. ^_^ There are different ways to encrypt unknown

archives, e.g. using RAR GPU or cRARk. If you have no additional info about the

password, it will take a long time anyway. :)

RAR GPU support is up to winRAR 3.x

cRARk promises up to winRAR 4.0

Well, thanks a lot buddy..

[speedy57]

HKEY_CURRENT_USER\Software\WinRAR\Passwords

that are only those, that you entered yourself for later use. ;)

Thanks..any tricks for breaking a password protected archive comes from other?

There's a lot of software that use Bruteforce to break it, but it's not sure that it works and if it works it takes a very very long time so just leave it...

For example a password with only 6 characters (and just letters !) give 19.770.609.660 possibilities !

;)

[SnakeMasteR]

RAR GPU support is up to winRAR 3.x

cRARk promises up to winRAR 4.0

Well, thanks a lot buddy..

Good luck. ^_^

[lazzser]

If the password is long enough there is no practical way to bruteforce a WinRAR archive.

[circaal]

Best way to find the password if the archive was downloaded is to google the .rar file. Usually brings up the location of where the file was downloaded, hopefully with the password on the same site.

-BTY

[rudrax]

I think, the password gets stored somewhere in the winRAR database..If windows admin password can be cracked even without logging in and facebooks's salted MD5 hashes can be decrypted, then why not winRAR..? :rolleyes:

[speedy57]

Because it's encrypted into the RAR-file...

;)

[jasonliul]

How about Advanced RAR Repair?

http://www.datanumen.com/arar/

[Levo]

How about Advanced RAR Repair?

http://www.datanumen.com/arar/

Practically useless,if the rar archieve has been encrypted with a password of more than 3 alphabets,its unlikely it can be opened with any of these softwares.Even with bruteforcing it could take days,hence not practical.

[lazzser]

I think, the password gets stored somewhere in the winRAR database..If windows admin password can be cracked even without logging in and facebooks's salted MD5 hashes can be decrypted, then why not winRAR..? :rolleyes:

The password is not stored. The files are first compressed and then encrypted with state of the art algorihms. When you try to extract the files are decrypted with the password that you gave and then their hashes are compared with the stored ones, if they match the decrypted files are assumed as ok.

If the password is strong (long enough, not in dictionary...) there is no practical way of recover the content of the archive. You may try to bruteforce the password with some software/hardware combination, but is very unlikely to succed (unless the password is a very weak one)

The best aproach is to to try to have the password or the content by some other mean. In Windows the password hash is stored because of the content is not encrypted. Salted MD5 is considerably weaker criptography than WinRAR´s AES. Even if you manage to find a hash colission, a correct decryption is not warranted.