25 October 2007, 00:16   #24
Originally Posted by zipper
Good, I started to crack it but just 6 figures cleared; 7 should take 3 days and 8 probably months with my lappie...
is that the same on bb2? Just big letters and numbers does help the job.
As laser mentioned, you can use the "known plaintext" method of cracking the password, which is very quick indeed. (I remember doing that on my old 75MHz Pentium 1 PC.)

Several files in the archive are also available in the OS 3.5 Boing Bag archive(s). Using those the password recovery program can quickly determine the key.

Of course a brute force crack is also quite fast, once you know that the password is of the form xxxxxxxx, where each x is a hex digit, i.e. 0-9 or A-F (so there are only a little over 4 billion possibilities).

For the OS 3.9 Boing Bag 2 archive, they changed the password a little so it's of the form xxxxxxxx-xxxxxxxx-xxxxxxxx (again, each x is a hex digit). That will make brute-force cracking a lot harder; over 64 billion billion billion possibilities. But a known plaintext attack is still possible. That doesn't tell you what the password actually is, but gives the "key" and outputs a decrypted zip file.

If anyone has an OS 3.9 CD and wants to determine what the BB2 archive password actually is, contact me. (I won't tell you the password directly -- I don't know it -- but can explain how to find it out.)

-- M
mark_k