rarcrack

Brute force the password for an archive (tries to guess the archive type)

$ rarcrack [path/to/file.zip]

$ rarcrack --type [rar|zip|7z] [path/to/file.zip]

$ rarcrack --threads [6] [path/to/file.zip]

rarcrack <archive.rar> [options]

Examples:
rarcrack archive.rar --letters --numbers --symbols --minlen=4 --maxlen=8
rarcrack archive.rar --dictionary=wordlist.txt

<archive.rar>
    The path to the encrypted RAR archive file to be cracked.

-L, --letters
    Includes all lowercase and uppercase letters (a-z, A-Z) in the character set for brute-force attacks.

-N, --numbers
    Includes all numeric digits (0-9) in the character set for brute-force attacks.

-S, --symbols
    Includes common symbols (!@#$%^&*()-_+=~`[]{}\|;:'",.<>/? ) in the character set for brute-force attacks.

-l <length>, --len=<length>
    Sets both the minimum and maximum password length to a specific value.

-m <length>, --minlen=<length>
    Specifies the minimum password length for brute-force attacks.

-M <length>, --maxlen=<length>
    Specifies the maximum password length for brute-force attacks.

-f <file>, --charset-file=<file>
    Uses a custom character set defined in the specified file for brute-force attacks. Each character on a new line.

-c <name>, --charset=<name>
    Uses a predefined character set. Common names include all, alpha, num, alnum.

-d <file>, --dictionary=<file>
    Performs a dictionary attack using the specified wordlist file. Each word on a new line.

-s <password>, --start-pass=<password>
    Starts the brute-force attack from a specific password, useful for resuming an interrupted attack.

-t <num>, --threads=<num>
    Specifies the number of CPU threads to use for the cracking process, accelerating performance.

-H, --help
    Displays the help message and exits.

-V, --version
    Displays version information and exits.

-v, --verbose
    Enables verbose output, showing more details about the cracking progress.

-e <delay>, --delay=<delay>
    Sets a delay (in seconds) between password attempts, primarily useful in specific network or rate-limited scenarios.

rarcrack is a command-line utility designed to recover lost or forgotten passwords for RAR archives. It primarily employs two common password cracking techniques: brute-force attacks and dictionary attacks.

In a brute-force attack, rarcrack systematically tries every possible combination of characters within a specified charset and length range until the correct password is found. This method is exhaustive but can be extremely time-consuming for complex or long passwords. For dictionary attacks, it attempts passwords from a provided list of common words or phrases, which is much faster if the password is included in the dictionary.

The tool supports multi-threading to speed up the cracking process and can often resume an attack from a previous state, making it suitable for long-running password recovery operations. Its simplicity and effectiveness make it a popular choice for recovering access to password-protected RAR files.

Cracking complex or long passwords can be an extremely time-consuming and CPU-intensive process, potentially taking days, weeks, or even years depending on available hardware and password strength. Success is not guaranteed, especially for strong, truly random passwords. Users should only employ rarcrack on files for which they have explicit permission or ownership, as unauthorized password cracking can have legal implications.

rarcrack supports two primary attack modes: Brute-Force and Dictionary Attack. Brute-force is exhaustive but slow, requiring character set and length definitions. Dictionary attack is faster but only works if the password is in the provided wordlist. Only one attack mode should be specified at a time.

rarcrack can automatically save its progress to a status file (e.g., <archive_name>.xml) in the same directory as the archive. If an attack is interrupted, simply restarting the command with the same parameters will allow it to resume from where it left off, significantly saving time and resources.

The performance of rarcrack is heavily dependent on CPU power and the number of threads utilized. Using the -t or --threads option can significantly accelerate the cracking speed by leveraging multiple CPU cores. For optimal performance, ensure your system has sufficient processing capabilities.

rarcrack emerged as a focused tool to address the common problem of forgotten passwords for RAR archives. Unlike general-purpose password cracking frameworks, it specializes in direct RAR file analysis and attack. Its development has typically been community-driven, often found in penetration testing distributions, providing a simple yet effective solution for this specific use case without requiring complex hash extraction or conversion steps.

unrar(1), zipcrack(1), john(8), hashcat(1)