Easily crack the compressed package password

Xiao Li, who works at an IT company, has recently had a big problem: the products that he has worked hard for a few months have been taken over by others at the new product launch conference. Is it really "coincidentally"? Xiao Li knows the importance of this work, so every time I modify the file, I have made a compressed package and set a password. What experts can easily crack the password set by Xiao Li?

First, the case analysis: the cracking of password cracking tools

Anti-black knife can be said to be familiar with this type of password cracking problem, and now cracking tools for various passwords flooded The compressed file package is one of the most frequently used files, so it has caused a lot of "hackers" attention. Let's see what tricks they have!

Second, the assault detection: the password recovery tool is also a hacker accomplice

In fact, many software originally developed the original intention is good, such as a variety of remote control software, and the hacker has become The tool for remote theft, the two compressed file password recovery tools commonly used by hackers mentioned here are also the same!

1.WINZIP compressed file cracking

For WINZIP compressed files, the most commonly used tool for hackers is Elcomsoft's "Advanced ZIP Password Recovery" (AZPR), AZPR provides a graphic The user interface, the hacker can crack the password of the ZIP archive in a few simple steps.

Step 1: Configure the crack tool

First open the encrypted ZIP archive file in "ZIP password-encrypted file". You can use the browse button or function key F3 to select the decryption file. Compress the file package; select the attack mode in "Type of attack": including "Brute-force" (power attack), "mask" (mask search), "Dictionary" (dictionary attack), etc.; in "Brute-force range Options" sets the search range of the brute force attack method. If the user understands the combination characteristics of the password, the search time can be greatly shortened by setting the following options; in "Start from", when the user knows the start character sequence of the password, it can be set. Set this option. For example, when the user knows that the passwords all use lowercase letters, the length is 5, and start with the letter "k", then you can fill in "kaaaa" in the item, and AZPR will search all possible passwords backwards from this password; Password length can be set in the password length, which is also an important option to determine the search time; "Auto-save": The function of the automatic storage option is to automatically save the current settings of the software and the current working state, these key parameters will be automatically automatic Stored in a file named "~azpr.ini", the user can specify the file name of the saved parameters, the time interval for automatic saving, etc. This option allows the user to continue the decryption process that was last interrupted. (Figure 1)

Figure 1

Step two: start cracking

After setting more than a few key options, hackers can begin Crack your ZIP file, click the "Start" button to perform the decryption operation. Since AZPR has the above functions for saving parameters and status, the user can interrupt or continue the operation process at any time. When the password is found, the user will see the password content, the total number of trial passwords, the time spent on cracking, and the average computing speed in the results window. If the password is not found, there will be a corresponding prompt message.

2.WINRAR compressed file cracking

For WINRAR compressed files, Elcomsoft also launched "Advanced RAR Password Recovery", the software decryption speed is very fast, can help you find RAR files The password can be unlocked up to 128 digits after registration. It provides the time required to estimate the password; interrupt calculations and recovery to continue the previous calculation. However, it has become a cracking tool in the hands of hackers. The specific use method is basically the same as "Advanced ZIP Password Recovery", which is not introduced here. (Figure 2)

Figure 2

3. Beware of "multifunctional password cracking software" mischief

In addition, there are still a product called "multifunctional password The tool to crack the software is worthy of attention, and it is also used by hackers. The software can crack Access97/2000/xp password, Word/Excel97/2000/xp, QQ (local and online), SQLSERVER (local and remote), windows98 login password, ZIP/RAR file password, asterisk password check, you can view Any password content that appears as * (except for web pages). The ZIP/RAR file password can't escape the software "robbery"! Let's take a look at how hackers use this tool to make waves.

Hackers install and run the software, switch to "ZIP /RAR" option, shown in Figure 3:

Figure 3

click the "Browse" button to locate local The ZIP/RAR file to be cracked on the hard disk, then need to make the following settings:

(1) "Crack bit setting": You can set the minimum password length and password maximum length.

(2) "Crack character setting": You can choose to use one or more of numbers, lowercase letters, uppercase letters, which need to be selected according to the password of the set compression package, of course, if If you choose, then the speed of cracking will definitely be slower and it will take longer. After

is set up, click on the "Start" button to crack, after a break for some time, and finally crack the password is displayed in the "progress" box, shown in Figure 4:

three Ingeniously set up, make compressed files impeccable

In addition to compressing files, we often use WinRAR and WINZIP as one encryption software. When compressing files, setting a password can achieve the purpose of protecting data. It is. Because of this, cracking software for compressed file passwords is also everywhere. The length of the password is not the biggest obstacle for the current cracking software. So, how can we make compressed and encrypted files unbreakable? In addition to doing daily security work, we have to make the following settings:

Now the cracking software must specify an Encrypted File when cracking the encrypted file password, and then use it according to the dictionary. Exhaustive methods to crack passwords. But if we compress multiple files that need to be encrypted and then set a different password for each file, then the cracking software can't help it. The specific operation is as follows:
1. Compress it and set it according to the conventional method. Password;
2. Prepare a different file (of course this file is a little smaller, because we just use it to confuse the cracking software);
3. Open our first step in the WinRAR work window good compressed encrypted file, select "Add to archive file" menu option, as shown in the "command" menu:

FIG. 5

4. in the pop-up "Please select In the "Added Files" dialog box, select the "Other Files" we prepared, click the "OK" button and return to the "Compress File Names and Parameters" dialog box;

5. In the "Advanced" tab tab Click the "Set Password" button to set a different password and start compressing. FIG 6:

FIG. 6

After the above steps, and now completed the two password has been set (If multiple files, each file may be provided to a different Password, if you are worried that you will forget, only two passwords can be used to achieve the purpose). Open the compressed file and you can see that each file name has an asterisk indicating the encryption in the upper right corner. However, if you open different files, you need the corresponding password. You can't get the correct password by using the crack software. This method is also applicable to files encrypted with WinZip.