Article directory
Software Description
ARCHPR是一款非常给力的压缩包口令破解工具,它可以帮助你轻松破解各种类型口令,例如纯数字口令、数字字母组合口令等,还包括但不限于明文、掩码、字典和暴力破解等模式。
software download
Link: https://pan.baidu.com/s/1Rr8Pdsr4tUNo_zRLEIY7cA?pwd=6666
Extraction code: 6666
Software usage
1. Page display
| area number | area name | function |
|---|---|---|
| 1 | File loading area | Can load ZIP/RAR and other encrypted files and display the path. |
| 2 | Attack type area | Choose different attack types according to the actual situation to make cracking easier. |
| 3 | Configuration area | Configure the cracking range, length or load a custom dictionary to make cracking more flexible. |
2. Operation tips
Note:
The ARCHPR in this article is version 4.54, winrar is the 6.11 evaluation version, and the compressed packages are all in ZIP format.
Scope:
It is recommended to implement the principle of minimization, check the range options as little as possible without knowing the password, and then gradually increase the cracking scope.
Length:
Guess the possible length of the password. The longer the length you choose, the longer the cracking time will be. On the contrary, the time will be shorter.
Success rate:
1) The password must be within the selected range in order to be solved. The more check boxes, the more combinations, the success rate will go up, but the speed will be relatively slower.
2) The success rate is not 100%. The first is the recognition ability of the software itself. For example, the compressed packages produced by some compression software cannot even be recognized, and therefore cannot be violently cracked. This is related to the compression software and the design of this software version. The second is algorithmic problems. Some encryption algorithms cannot be reversed for the time being, so they cannot be cracked.
3.Function demonstration
General steps: Select the compressed package to be cracked->Select attack type->Select range->Select length->Start
Brute force cracking demonstration.
Selection range: numbers and lowercase letters. Length: 1-4 to perform brute force cracking and successfully recover the file password.
Mask attack demonstration
This attack type can be used if part of the password is known and the remaining part is unknown.
Typical scenario: The encryption of some digits in the ID card and mobile phone number is missing, such as 131****1234
Dictionary attack:
Load a specific password dictionary for brute force cracking.
Typical scenario: Obtain the author related information of the compressed package through social engineering, such as mobile phone, QQ, birthday, etc., and combine characters to generate a dictionary for brute force cracking.
Online social engineering password dictionary generator: https://www.bugku.com/mima/
A plaintext attack
refers to learning the contents of a file in an encrypted compressed package in some way, taking advantage of the feature that all files in the same ZIP compressed package are encrypted with the same key. By comparing the encrypted compressed package and the unencrypted compressed package, Finally find out the key to encrypt the compressed package and unlock other encrypted files.
Typical scenario: The website backup compressed package is obtained through path scanning in WEB security, and the content is encrypted. However, some static file contents can be obtained by scanning the website. These static files are part of the website files and are also the contents of the encrypted backup file.
