Xiao Li, who works in an IT company, has recently encountered major troubles: he has worked hard for several months to develop products, but has been preemptible by others at the new product launch. Is it true that this is a "coincidence "? Xiao Li knows the importance of this job, so every time he modifies a file, he makes a compressed package and sets a password. What experts can easily crack the password set by Xiao Li?
I. Case Analysis: password cracking tools flood
The anti-Black Knife can be used to crack these types of passwords. Nowadays, cracking tools for various types of passwords are rampant, and compressed file packages are the most commonly used files, this has aroused the attention of many "hackers". Let's take a look at what tricks they have!
Ii. Surprise Detection: password recovery tools are also hackers' accomplices
In fact, the original intention of many software development is good, such as various remote control software, and hackers have become a tool for remote theft, the same is true for the two common compression File Password Recovery Tools used by hackers!
1. Cracking WinZip compressed files
For WinZip compressed files, the most common tool used by hackers is elcomsoft's"Advanced zip password recovery"(Azpr for short), azpr provides a graphical user interface. After several simple steps, hackers can crack the password of the zip compressed file package.
Step 1: configure the cracking tool
First, open the encrypted zip compressed file package in "Zip password-Encrypted File". You can use the Browse button or function key F3 to select the compressed file package to be decrypted; select Attack methods in "type of attack", including "brute-force" (strong attack), "Mask" (mask search), and "Dictionary" (dictionary attack; in "brute-force range options", set the search range of the strong attack method. If you understand the combination characteristics of passwords, You can greatly shorten the search time by setting the following options; in "start from", you can set this option when you know the start Character Sequence of the password. For example, if you know that all passwords Use lowercase letters, with a length of 5 and start with the letter "K", you can enter "kaaaa" in this item ", azpr searches for all possible passwords from the beginning to the end. You can set the password length in "password length", which is also an important option to determine the search time; "Auto-save": the function of the automatic storage option is to automatically save the current settings and current working status of the software on a regular basis. These key parameters will be automatically stored in a Azpr. ini ", you can specify the file name of the parameter to be saved, the time interval for automatic saving, and so on. This option allows you to continue the decryption process that was interrupted last time. (Figure 1)
Figure 1
Step 2: start cracking
After setting the preceding key options, hackers can start cracking your ZIP file and click "start" to perform decryption, because azpr has the preceding function of saving parameters and states, you can interrupt or continue the operation at any time. After the password is found, the user will see the password content, total number of tested passwords, time consumed for cracking, average computing speed, and other information in the result window. If no password is found, a prompt is displayed.
2. Cracking WinRAR compressed files
For WinRAR compressed files, elcomsoft also released "Advanced RAR password recovery", which is fast to decrypt and can help you retrieve the rarfile password. After registration, you can unlock up to 128-bit passwords. It provides an estimate of the time required to calculate the password, and can interrupt the calculation and resume the previous calculation. However, it turns into a cracking tool in the hands of hackers. Its usage is roughly the same as that of "Advanced zip password recovery", which is not described here. (Figure 2)
Figure 2
3. Beware of "multi-function password cracking software"
In addition, there is also a tool named "multi-function password cracking software", which is also frequently used by hackers. This software can crack Access97/2000/XP Passwords, word/excel97/2000/XP, QQ (local and online), sqlserver (local and remote), Windows 98 login password, zip/rarfile password, asterisk password View, you can view any displayed as * password content (excluding the web page ). Zip/rarfile password cannot escape the software "robbery "! Let's take a look at how hackers use this tool to make waves.
The hacker installs and runs the software and switches to the "zip/RAR" option. 3:
Figure 3
Click the Browse button to find the zip/rarfile to be cracked on the local hard disk, and then perform the following settings:
(1) "crack bits setting": You can set the minimum length and maximum length of the password.
(2) "cracking character Settings": You can select one or more numbers, lower-case letters, and upper-case letters. You need to select the password of the compressed package, of course, if both are selected, the cracking speed will certainly be slower and will take a longer time.
After setting, click "start" to crack the password. After a period of cracking, the password displayed in the "progress" box is 4:
Figure 4