Monday, February 18, 2008

- Hacking zip,doc,rar,ppt,xls,pdf files -

- Hacking zip,doc,rar,ppt,xls,pdf files -
Hacking zip,doc,rar,ppt,xls,pdf files - part 1
Hi guys and gals this is vivek da great here, this tutorial is for hacking(call it "password recovering" if you want to) the following types of file passwords:

microsoft word(.doc)
microsoft excel(.xls)
microsoft powerpoint(.ppt)
winzip(.zip, .exe(SFX-ZIP)) - Turbo Zip Cracker (http://www.fdrlab.com/)
winrar(.rar, .exe(SFX-RAR)) - Advanced RAR Password Recovery (ARPR) (http://www.elcomsoft.com/prs.html)
acrobat reader(.pdf) - Advanced PDF Password Recovery Pro (APDFPRP) (http://www.elcomsoft.com/prs.html)

The passwords we are gonna hack are done by respective programs(different for all formats). the programs we are gonna use are based on dictionary atacks, hybrid attacks, password masks,brute force attacks(the last option).

Lets begin by a brief of various kinds of attacks:
1. dictionary attacks: in this the program uses a list of words in lexicographic order. these words can be stored as csv(comma seperated values), nsv(newline seperated values or ssv(space seperated values. the program juz takes the words one-by-one from the dictionary list and starts trying it on the file. if the right password is found, then the program halts with a success else it returns the result that the attack has been successful. now you can find all kinds of wordlists on google or altavista(remember my tutorial "hackers friendly google").
Part 2

2.hybrid attacks: these attacks involve appending 1 to 3 characters in the dictionary words, eg. heaven64, boy007, vinyl6, here the characters 64, 007, 6 are appended after dictionary words to increase the number of permutations as some of the people out there like to put these kinds of passwords.

3.password mask: If you already know some characters in the password, you can specify the mask to decrease the total number of passwords to be verified. At the moment, you can set the mask only for fixed-length passwords, but doing this can still help. For example, you know that the password contains 8 characters, starts with 'x', and ends with '99'; the other symbols are small or capital letters. So, the mask to be set is "x?????99", and the charset has to be set to All caps and All small. With such options, the total number of the passwords that the recovery program will try will be the same as if you're working with 5-character passwords which don't contain digits; it is much less than if the length were set to 8 and the All Printable option were selected. In the above example, the '?' chars indicate the unknown symbols.

4.brute force: this is the last option, once the dictionary and hybrid attacks fails then you have to try this. it involves trying all the permutations and combinations with all ascii characters(there are 255 of them, including 0-9, a-z, A-Z, and some special characters) until the right password is found.
you will now be able to crack any of the above mentioned files... find the recovery softwares at:

http://www.elcomsoft.com/prs.html
http://www.fdrlab.com/
http://www.intelore.com/rar_password_recovery.php