How to crack some passwords

Source: www.jz5u.com

I. boot password

Depending on the user settings, the boot password is generally divided into two different situations, one is the SETUP password (In this mode, the system can start directly, however, you only need to enter the password when entering the BIOS settings. The other is the SYSTEM password (when using this method, you need to enter the password either directly starting or configuring the BIOS, ). For the two passwords set by the user, our attack methods are different:

1. SETUP Password
If the computer can boot normally, but cannot enter BIOS settings (that is, the SETUP password is set), we only need to start DEBUG in the DOS state after the password is forgotten, run the following command to manually clear the password:
_ O 70 16
_ O 71 16
_ Q
In addition, users who are not familiar with DEBUG can also download a tool software Cmospwd dedicated to cracking the CMOS password. Then start the program in DOS, it will display the user's CMOS Password (Cmospwd supports Acer, AMI, AWARD, COMPAQ, DELL, IBM, packard bell, PHOENIX, zenith ami and other BIOS ), easy to use.

2. SYSTEM Password
If the computer cannot be started without a password (that is, the SYSTEM password is set), we cannot solve the password forgetting problem through software. In this case, the only way is to open the chassis, discharge the CMOS, clear all the content in the CMOS (including the password), and then re-boot and set. In addition, some boards are configured with a CMOS password to clear the jumper. You can also use this patch cord for the same purpose (see the motherboard manual for details ).

Ii. Windows Password

1. Windows Startup Password
Forgetting the Windows 98 Startup Password will not affect the system startup, but it will prevent users from entering their personal settings, therefore, it is necessary to crack the Windows 98 Startup Password to retrieve the "lost" "personality. To this end, you can delete *. the PWL password file and all the personal information files in the Profiles subdirectory, and then restart Windows 98, a password setting box containing no user name will pop up, we do not need to enter any content, click OK to delete the Windows 98 password. In addition, you can change the UserProfiles under the HKEY_LOCAL_MACHINE, Network, and Logon branches of the registry database to "0", and then restart Windows 98 to achieve the same purpose.

2. Screen Protection Password
Using the screen protection function of the system can prevent others from stealing their computers while they are absent, thus protecting data security. However, without other restrictions, the screen protection password of the system is very fragile. After the password is forgotten, we only need to use the "reset" key to forcibly start the computer (some poorly designed Screen Saver can even be forcibly disabled using Ctrl + Alt + Del, ** it is simpler), right-click the blank area on the desktop, and execute the "attribute" command from the pop-up shortcut menu, open the "Display Properties" setting box, click the "Screen Protection" tab, and then cancel the "password protection" option (you do not need to confirm the password when canceling this option ). In addition, it is said that there is still a CD dedicated to cracking the Screen Protection password on the market. After the disc is inserted, it uses the automatic running function of Windows 98 to start the Screen Protection password cracking program stored on the disc, and analyzes and decrypts the password of the screen protection function, finally, it is easier to display the password on the screen or write it to a floppy disk (Sorry, this feature is just a hearsay, and I have not seen such a CD with my own eyes ).

3. Power Management Password
You can also set a password for the power management function of Windows 98. After this function is set, the system requires a password when returning from the energy-saving status, so as to protect the system to a certain extent. However, because the power management function password is exactly the same as the Windows 98 start password, we only need to follow the previous method to crack the Windows 98 start password, and its power management password will not be cracked.
From the above introduction, we can see that the password protection function of Windows 98 is not perfect. Both the boot password, screen protection, and power management password are very weak, we must add other control measures to prevent others' intrusion. For more information, see.

Iii. compressed file Password

1. WinZip
After the user forgets the ZIP compressed package Password, he can http://www.golubev.com/download a decryption software UZPC (Ultra ZIP Password Cracker) dedicated to crack the Zip compressed package Password, use it to help us find the lost Password.
As shown in UZPC interface 1, we only need to execute the "New" command in the "Task" menu and select the ZIP file to crack the password from the "open" dialog box that appears, then, the UZPC opens a "Preferences" dialog box (2 ). Users should select which Files in the ZIP package should be decrypted from the "Archive Files" list box (WinZip has the function of setting different passwords for different Files in the same ZIP package, however, most ZIP packages do not use this function. They usually set the same password for all files, therefore, common ZIP password cracking software can only process such ZIP files with the same password. They are often invalid for ZIP Packages containing multiple passwords at the same time. UZPC is different. It can separately decrypt the passwords of different files in the ZIP package to better meet the requirements of the majority of users. The "Archive Files" list box is used to select Files with different passwords in the same ZIP package ).
Next, we should select an appropriate decryption method (mainly four types: "backdoor method", "exhaustive method", "Dictionary Method" and "pattern matching method, we generally use the "Brute Force exhaustive mode "). After setting, click "Next". A "Brute Force Attack Parameter" dialog box is displayed, as shown in figure 3 ), users are required to set the password cracking parameters (such as whether to include uppercase and lowercase letters, numbers, spaces, symbols, or all content, and the password length. Finally, click the "Go" button, and the system will use the exhaustion method to test all possible combinations of passwords until the final result is found, which is very convenient to use.
In addition, it should be noted that, if the number of digits of the password is long, the UZPC testing process may take a long time. To facilitate user use, UZPC provides the function of temporarily stopping the operation and continuing the test from the disconnection, we only need to use the "Save" button during the test to record the current cracking status, and then we can rest assured that the ongoing test will be interrupted without worrying about data loss. After that, we only need to click the "Open" button in the UZPC to Open the previous record, and the UZPC will continue searching from the break, thus saving the user time.

2. ARJ
When the Password of the ARJ compressed package is forgotten, we can http://www.elcomsoft.com/download a professional ARJ compressed package Password cracking software AAPR (Advanced ARJ Password Recovery), use it to find out the Password of the ARJ compressed package. As shown in interface 4 of AAPR, we only need to select the ARJ compressed package to be cracked from the "ARJ Password-encrypted File" dialog box, in the "Brute-Force Range Options" dialog box, select the password Range (also set whether to include uppercase and lowercase letters, numbers, spaces, symbols, or all characters ). Finally, click the "Start" button, and the system will use the exhaustion method to test all possible combinations of passwords. After finding the password, it will be displayed, which is very convenient to use!

3. RAR

RAR is also a very popular compression software, users forget the RAR compressed package password can be http://www.ssl.stu.neva.ru/download a CRARK software to crack it. This is a command line utility. It mainly uses the command line to crack the password of the RAR compressed package. The command format is "CRARK command line parameter RAR compressed package file name ". But in fact, we generally only need to use the "crark rar compressed package file name" command directly, and use the default parameters to crack the RAR compressed package password.
Appendix: Meaning of CRARK command line parameters:
-L Minimum Password Length
-G specifies the maximum password length
-S: Use your own settings
-D: Set the name of the main dictionary.
-U: Set the file name of the user dictionary.
-P: Set the password Progress File Name

Iv. Text Processing Software Password
1. WPS

1) WPS for DOS
In earlier versions, WPS has a general password Ctrl-QIUBOJUN. We only need to use this password to open all the Encrypted documents, then copy the content in the document to other documents in block copy mode to solve the problem (changes made when the document is opened with a general password cannot be saved ).

2) WPS 2000
As we all know, WPS 2000 uses two different levels of document encryption methods, namely "common encryption" and "Top Secret encryption ". It said in the manual that after the user forgets the document password, if the document adopts the "common encryption" method, he can ask technical staff of Kingsoft for help, they will help you find the forgotten password. If the document adopts the "top secret encryption" method, the password cannot be decrypted after it is forgotten, but this is not the case. Whether we forget the "common" Password or "top secret" Password, you can http://cyg.yeah.net/download a software named EWPR (Edward Wps Password Recovery) to crack the forgotten Password. This is a password cracking software edited by Chinese people (but I still don't understand why so many Chinese people like to edit software on the English interface ), it provides four decryption methods (for general users, the most useful method is the "exhaustive mode"). You can simultaneously decrypt documents that adopt "common encryption" and "Top Secret encryption" (** in the same way ).
Specifically, when we use EWPR to crack the password of WPS 2000 document, we should first specify the required WPS 2000 document (5) in the "Encrypt WPS 2000 file" dialog box ), in the "Type of Attack" list box, select the appropriate password cracking method (generally, select the "brute-force" brute force mode ). Next, select the possible password Range in the "Brute-Force Range Options" list box based on the actual situation, in the "Start From" dialog box, specify the characters to Start searching (mainly used to continue cracking From the last interruption ). After setting these options, we only need to click the "RUN" button and EWPR will use the exhaustive method to crack the password of WPS 2000 document, which is very convenient to use (during the running process, we can use the "Pause" and "Resume" buttons to temporarily interrupt the operation and continue the operation from the center ).

2. Office
WPS 2000