Date: Sat, 9 Jan 2021 16:17:55 +0100 From: Solar Designer <solar@...nwall.com> To: john-users@...ts.openwall.com Subject: Re: Cracking rar password with rar-opencl On Sat, Jan 09, 2021 at 03:46:12PM +0100, Anton Berggren wrote: > Okey so my command will be with this info: john --wordlist=rockyou.txt > --fork=2 --restore > Or am i wrong here? Wrong. You would not be restoring anything, but starting a new attack. So the command might be e.g.: john --session=rockyou --wordlist=rockyou.txt rar-hash.txt You can also try adding "--fork=2", although this specific attack is expected to complete in a couple of hours anyway. The "--session=rockyou" is so that you don't overwrite progress made by your previously running attack, and can continue that one if desired. In fact, you can just keep it running simultaneously (which also eliminates the need for "--fork=2"). > Yeah, i dont know anything about the password length or language used. > It include only one small file of 12kilobyte. > > Sometimes websites use their domain as password.. or simliar. But ive tried > that and also with different variants does not work. Hmm. This raises doubts whether you're even supposed to have that password. ;-) That said, you can put the likely "base words" in a text file and then use: john --session=custom --wordlist=custom.txt --rules=all rar-hash.txt This will test more "different variants" than you'd test manually. > I can restrict the password length to 15 character or so. That most likely. > Dont think its 20 or more. This doesn't really matter, because either 15 or 20 is way out of reach for a (semi-)exhaustive search against a RAR archive, whereas when you're testing e.g. the RockYou list you can do so without having to restrict it by password length. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.