Forumophilia - 19 Years Online!
antimonio
Very Respected Poster
buckethead
antimonio
Very Respected Poster
ClearPlastic
I'm probably spamming
antimonio
Very Respected Poster
RabidSquirrel
Good Poster
I'm sorry to say this: but John The Ripper won't work, that program was (is) made to crack password files on mostly Unix systems. It's also very good to crack passwords from LM-hashes on Windows systems. Even on Unix and Linux systems it's getting further behind after designers have begun to use DES, MD5 or Blowfish.
But back to your problem, as the Rar file you have is encrypted with an AES 128-bit key. John The Ripper (or any password cracking program for that matter) can use two ways to crack it: Dictionary attack - where you test a list of words against the hash to determine the password - it's a bit hard to say how long it's gonna take - it depends on if it's a short or long word and a host of other things. If that doesn't work (and you first have to get a word-list to test from) then there's only the brute-force approach: testing every single possiblity in the 128-bit key. And that's (if you're not lucky) gonna take a lot of time:
In a 128-bit key there's 2 in 128th tense (340,282,366,920,938,463,463,374,607,431,768,211,456) possibilities - a computer that could test a billion billion keys a second would still take 10 in the 13 tense - years to test them all. (that's longer than the known age of the universe) - and guess what yours (or mine) computer can't test a billion billion keys a second.
And to get all nerdy on you there's also the so-called "Landauer's principle" which - in (very) general terms - say that there's a lowest amount of energy it takes to compute a bit. So to take our 128-bit key it would take about 30 Gigawatts of energy to brute-force the password.
And again there's no computer in the world that's even close to where it's possible to see if Landuars principle works in practice.
My advice to you going forward - would be to choose long passwords that are hard to crack and then write them down (yes you read that right) and put them into a book or something where they are not easily found.
Because let's face it nobody's gonna come around and torture us for our passwords (or break in to get them) - so the main scope of a password is to make it safe when you are online - and there it doesn't matter that you've written it down.
Regards
RabidSquirrel
But back to your problem, as the Rar file you have is encrypted with an AES 128-bit key. John The Ripper (or any password cracking program for that matter) can use two ways to crack it: Dictionary attack - where you test a list of words against the hash to determine the password - it's a bit hard to say how long it's gonna take - it depends on if it's a short or long word and a host of other things. If that doesn't work (and you first have to get a word-list to test from) then there's only the brute-force approach: testing every single possiblity in the 128-bit key. And that's (if you're not lucky) gonna take a lot of time:
In a 128-bit key there's 2 in 128th tense (340,282,366,920,938,463,463,374,607,431,768,211,456) possibilities - a computer that could test a billion billion keys a second would still take 10 in the 13 tense - years to test them all. (that's longer than the known age of the universe) - and guess what yours (or mine) computer can't test a billion billion keys a second.
And to get all nerdy on you there's also the so-called "Landauer's principle" which - in (very) general terms - say that there's a lowest amount of energy it takes to compute a bit. So to take our 128-bit key it would take about 30 Gigawatts of energy to brute-force the password.
And again there's no computer in the world that's even close to where it's possible to see if Landuars principle works in practice.
My advice to you going forward - would be to choose long passwords that are hard to crack and then write them down (yes you read that right) and put them into a book or something where they are not easily found.
Because let's face it nobody's gonna come around and torture us for our passwords (or break in to get them) - so the main scope of a password is to make it safe when you are online - and there it doesn't matter that you've written it down.
Regards
RabidSquirrel
antimonio
Very Respected Poster
I tried with John the Ripper but, to be honest, didn't quite figured out how it works.
I learned my lesson, i now have just a couple of passwords for everything and they're written on a notebook, just in case. Oh and the file is gone now.
I also learned amazing computer facts to shock my friends
.
By the way RabidSquirrel, congratulations on your 11,000 posts!
I learned my lesson, i now have just a couple of passwords for everything and they're written on a notebook, just in case. Oh and the file is gone now.
I also learned amazing computer facts to shock my friends
.
By the way RabidSquirrel, congratulations on your 11,000 posts!
Slanger
I'm probably spamming
I don't think it's possible 