Common computer password cracking practices

In daily computer operations, we can't do without passwords anytime, anywhere-we need to use the CMOS password when starting the system, use the user password when entering Windows 98, and set the document password when editing Word documents ......, All of these provide necessary security protection for user data security! However, as the application scope of passwords increases, the number of forgotten passwords is also increasing (no one can guarantee that they will never forget the password )! How to crack these passwords after they are forgotten and minimize losses becomes a topic of interest to users. For ease of use, we will give you a brief introduction to common computer password cracking methods: 1. the boot password is generally divided into two different situations based on the user's settings, one is the setup password (when this method is used, the system can be started directly, and the password is only required when entering BIOS settings ); the other is the system password (when this method is used, you are required to enter the password for both the system startup and bios settings. No Password is required ). For the two passwords set by the user, our method of cracking is different: 1. If the computer can boot normally, you just cannot enter BIOS settings (that is, you have set the setup password). After you forget the password, you only need to start debug in the DOS state, and then enter the following command to manually clear the password: -o 70 16-O 71 16-q In addition, users who are not familiar with debug can download a tool software cmospwdwhich specifically crack the CMOS password at http://www.newhua.com. Then start the program in DOS, it will display the user's CMOS Password (cmospwd supports Acer, Ami, award, Compaq, Dell, IBM, Packard Bell, Phoenix, Zenith AMI and other BIOS ), easy to use. 2. If the system password does not have a password, the computer cannot be started (that is, the system password is set). Then, we cannot solve the password forgetting problem through software. In this case, the only way is to open the chassis, discharge the CMOs, clear all the content in the CMOs (including the password), and then re-boot and set. In addition, some boards are configured with a CMOS password to clear the jumper. You can also use this patch cord for the same purpose (see the motherboard manual for details ). Ii. Windows Password 1. Forgetting the Windows 98 Startup Password does not affect the system startup, but it will prevent users from entering their personal settings, therefore, it is necessary to crack the Windows 98 Startup Password to retrieve the "lost" "personality. To this end, you can delete *. the PWL password file and all the personal information files in the profiles subdirectory, and then restart Windows 98, a password setting box containing no user name will pop up, we do not need to enter any content, click OK to delete the Windows 98 password. In addition, you can change the userprofiles under the HKEY_LOCAL_MACHINE, network, and logon branches of the registry database to "0", and then restart Windows 98 to achieve the same purpose. 2. Screen Protection passwords use the screen protection function of the system to prevent others from stealing their computers while they are absent, thus protecting data security. However, without other restrictions, the screen protection password of the system is very fragile. After the password is forgotten, we only need to use the "reset" key to forcibly start the computer (some poorly designed Screen Saver can even be forcibly disabled using CTRL + ALT + DEL, and then right-click the blank area on the desktop and execute the "attribute" command from the shortcut menu, open the "Display Properties" setting box, click the "Screen Protection" tab, and then cancel the "password protection" option (you do not need to confirm the password when canceling this option ). In addition, it is said that there is still a CD dedicated to cracking the Screen Protection password on the market. After the disc is inserted, it uses the automatic running function of Windows 98 to start the Screen Protection password cracking program stored on the disc, and analyzes and decrypts the password of the screen protection function, finally, it is easier to display the password on the screen or write it to a floppy disk (Sorry, this feature is just a hearsay, and I have not seen such a CD with my own eyes ). 3. You can also set a password for the power management function of Windows 98. After this function is set, the system requires a password when returning from the energy-saving status, so as to achieve the purpose of protecting the system to a certain extent. However, because the power management function password is exactly the same as the Windows 98 start password, we only need to follow the previous method to crack the Windows 98 start password, and its power management password will not be cracked. From the above introduction, we can see that the password protection function of Windows 98 is not perfect. Both the boot password, screen protection, and power management password are very weak, we must add other control measures to prevent others' intrusion. For more information, see. Iii. compressed file Password 1. WinZip: After you forget the zip package password, you can download the uzpc (ultra zip password cracker) decryption software dedicated to crack the zip package password at http://www.golubev.com/to help us retrieve the lost password. As shown in uzpc interface 1, we only need to execute the "new" command in the "task" menu and select the ZIP file to crack the password from the "open" dialog box that appears, then, the uzpc opens a "Preferences" dialog box (2 ). Users should select which files in the zip package should be decrypted from the "archive files" list box (WinZip has the function of setting different passwords for different files in the same zip package, however, most zip packages do not use this function. They usually set the same password for all files, therefore, common zip password cracking software can only process such ZIP files with the same password. They are often invalid for zip Packages containing multiple passwords at the same time. Uzpc is different. It can separately decrypt the passwords of different files in the zip package to better meet the requirements of the majority of users. The "archive files" list box is used to select files with different passwords in the same zip package ). Next, we should select an appropriate decryption method (mainly four types: "backdoor method", "exhaustive method", "Dictionary Method" and "pattern matching method, we generally use the "brute force exhaustive mode "). After the settings are complete, click the "Next" button to go to the system rrute force attack parameter dialog box (3 ), users are required to set the password cracking parameters (such as whether to include uppercase and lowercase letters, numbers, spaces, symbols, or all content, and the password length. Finally, click the "go" button, and the system will use the exhaustion method to test all possible combinations of passwords until the final result is found, which is very convenient to use. In addition, it should be noted that, if the number of digits of the password is long, the uzpc testing process may take a long time. To facilitate user use, uzpc provides the function of temporarily stopping the operation and continuing the test from the disconnection, we only need to use the "save" button during the test to record the current cracking status, and then we can rest assured that the ongoing test will be interrupted without worrying about data loss. After that, we only need to click the "open" button in the uzpc to open the previous record, and the uzpc will continue searching from the break, thus saving the user time. 2. When the password of the ARJ compressed package is forgotten, arj downloads a professional arjcompressed package password cracking software aapr (Advanced ARJ password recovery) at http://www.elcomsoft.com/and uses it to find the password of the ARJ compressed package. As shown in interface 4 of aapr, we only need to select the ARJ compressed package to be cracked from the "ARJ password-encrypted file" dialog box, in the "brute-force range options" dialog box, select the password range (also set whether to include uppercase and lowercase letters, numbers, spaces, symbols, or all characters ). Finally, click the "Start" button, and the system will use the exhaustion method to test all possible combinations of passwords. After finding the password, it will be displayed, which is very convenient to use! 3. rar RAR is also a very popular compression software. After you forget the password of the RAR package, you can download a crarksoftware at http://www.ssl.stu.neva.ru/to crack it. This is a command line utility. It mainly uses the command line to crack the password of the RAR compressed package. The command format is "crark command line parameter RAR compressed package file name ". But in fact, we generally only need to use the "crark RAR compressed package file name" command directly, and use the default parameters to crack the RAR compressed package password. Appendix: Meaning of crark command line parameters: -lnumber indicates the Minimum Password Length-gnumbe indicates the maximum password length-scharset uses your own settings-dname sets the name of the main dictionary-uname sets the name of the user dictionary file-pname sets the password Progress File Name four, text processing software password 1, WPS (1) in earlier WPS for DOS versions, WPS has a general-purpose password Ctrl-qiubojun. We only need to use this password to open all the Encrypted documents, then copy the content in the document to other documents in block copy mode to solve the problem (changes made when the document is opened with a general password cannot be saved ). (2) WPS 2000 as we all know, WPS 2000 adopts two different levels of document encryption methods, namely "common encryption" and "Top Secret encryption ". It said in the manual that after the user forgets the document password, if the document adopts the "common encryption" method, he can ask technical staff of Kingsoft for help, they will help you find the forgotten password. If the document adopts the "top secret encryption" method, the password cannot be decrypted after it is forgotten, but this is not the case. Whether we forget the "common" password or "top secret" password, we can download a software named ewpr (Edward WPS password recovery) at http://cyg.yeah.net/to crack the forgotten password. This is a password cracking software edited by Chinese people (but I still don't understand why so many Chinese people like to edit software on the English interface ), it provides four decryption methods (for general users, the most useful method is the "exhaustive mode"). You can simultaneously decrypt documents that adopt "common encryption" and "Top Secret encryption" (the operation method is the same ). Specifically, when we use ewpr to crack the password of WPS 2000 document, we should first specify the required WPS 2000 document (5) in the "encrypt WPS 2000 file" dialog box ), in the "type of attack" list box, select the appropriate password cracking method (generally, select the "brute-force" brute force mode ). Next, select the possible password range in the "brute-force range options" list box based on the actual situation, in the "Start from" dialog box, specify the characters to start searching (mainly used to continue cracking from the last interruption ). After setting these options, we only need to click the "run" button and ewpr will use the exhaustive method to crack the password of WPS 2000 document, which is very convenient to use (during the running process, we can use the "pause" and "resume" buttons to temporarily interrupt the operation and continue the operation from the center ). 2. The password protection function of office WPS 2000 is not secure. What about Microsoft Office? In fact, Microsoft's security is not trustworthy (the security issues of software such as Windows 98 and IE are typical textbooks ). The software that crack the password of the Office series document is as much as Ox hair, I am the most commonly used is aopr (all called Advanced Office 97 password recovery, download URL is http://www.elcomsoft.com /). This software can simultaneously crack the passwords generated by software such as Word, Excel, and access in Microsoft Office series. This frees users from downloading them one by one and cracking the software using individual passwords. In addition, aopr can search for the password of the *. Dot template file of word, which is not available in other similar software! It must be noted that aopr was developed for office 97 (Office 2000 was not available when aopr was launched ), however, the format of Office 2000 documents is basically no different from that of Office 97 documents, therefore, we can also use aopr to crack the password in the Office 2000 document (at least I did not find any problems during use ). After aopr is started (6), you only need to select the Office document that forgets the password from the "encrypted Office 97 document" dialog box, in the "brute-force range options" dialog box, select the password range, then select the appropriate password cracking method in the "type of attack" list box (of course, select the "brute-force" brute force mode as before), and click the "Start" button, the system will use the exhaustion method to test all possible combinations of passwords, find the password, and then display it (the use of different software seems similar ). How about it? 3. There may not be many users using Lotus word pro from Lotus Corporation (IBM subsidiary) in China, however, the functionality of the software is no inferior to that of Microsoft Word (more advanced in some aspects ), many users in China often receive emails in the Lotus word pro format. Many Chinese and foreign joint ventures also use Lotus word pro for daily text processing, so here we will introduce the password cracking method of Lotus word pro to you. After the user forgets the lotus word pro password, we can download a wprokeyd (password recovery for Lotus word Pro) to the http://www.lostpassword.com to crack it. Wprokeyd is an application specifically used to crack the password of the lotus word pro document. After starting this program (as shown in 7), click the "Settings" button, open the "brute-force Settings" dialog box and set the cracking status of wprokeyd (mainly by selecting the password range in the "Password character set" list box ). After the settings are complete, we only need to forget the password of the lotus word pro document (*. lwp file) drag to the wprokeyd window, wprokeyd will test all possible passwords one by one based on the range specified by the user until the password is found. 5. the ICQ password ICQ is currently the most popular network paging software, and many people cannot do without it when surfing the Internet ". When using ICQ, you must enter your personal password. If you forget the password, all the previous call numbers and conversation records will be lost, this is absolutely unacceptable! Don't worry, ICQ password cracking software ICQ password revealer can solve this problem (http://www.encrsoft.com /). ICQ password revealer is a DOS command line utility. You only need to execute this file in the newdb sub-folder of the ICQ installation folder, then enter your uin (8) as prompted on the screen. The system will retrieve the "long-overdue" ICQ password, which is very convenient to use. 6. All users know the password displayed using the "***" command. Foxmail has the function of memorizing the user's email password. It can remember the password of the user's email and then directly receive the email, this removes the hassle of entering the password manually. There is a problem, that is, after a user does not touch the password for a long time, it is easy to forget the mailbox password, while the password recorded in Foxmail is displayed, we cannot directly view it (similar situations are common). How can this problem be solved? Don't worry, the "Knight software password viewer" can crack this type of password! The "software password viewer" is a tool that uses "*" to display passwords in the cracking application dialog box. It can identify the original characters of these passwords and display them in front of users. With it, "*" is no longer an insurmountable trap! As shown in interface 9 of "software password viewer", to use it to crack a password, you only need to open the password Setting dialog box for other applications (that is, the "*" window is displayed ), drag the" software" icon in the "software password viewer" to the "*" password of these applications, the" software password viewer" will crack these "*" passwords and display their original characters in the "password" box to meet users' needs. The download URL of "software password viewer" is http://xksoft.yeah.net /. After reading the above introduction, I believe that you will never worry about your password, but on the contrary, users may worry about the security of their data. In fact, we do not need to be so nervous. The above-mentioned methods used by these Cryptographic software are mainly exhaustive. When the password is too long, it will exhaust all possible computations, currently, the computation speed of computers cannot meet the requirements of long passwords. That is to say, as long as we set the password long enough, there are not many opportunities for others to "peat" our secrets (of course, the password should contain at least 8 characters and be a combination of numbers, letters, and symbols ). In addition, in order to prevent special cracking such as the "Knight software password viewer" and adopt the "***" password display software, it is recommended that you do not use the software's automatic password memory function, you can directly enter the password as needed. With these two moves, you still cannot easily break through your "defense line ".