Dictionary Attack on Password-Protected RAR


In one of the Enigma Group Hacking Challenges, I ended up with a password-protected RAR file that I needed to crack.

Brute forcing seemed wildly impractical unless maybe piping in brute force attempts from john, but researching the various mission discussions led me to believe the password was pretty simple and very likely in any decent attack word list.

I tried a tool called RARCrack, but I could not get it to actually work on this file. This could easily be due to user error.

In light of this I decided to create a simple Bash script that takes a path to a RAR file and a path to a word list file and then tries every item in the word list as a possible password for the RAR. When the correct password is found, it displays it for you, allowing you to copy the password and open the RAR at your leisure.

You can find the script, dictionRARy, on GitHub. It is not elegant. It is not perfect. It could be much better and much faster. It works, though, and was a great learning experience.

Usage is very simple: ./dictionrary.sh ~/path/to/RAR ~/path/to/WordList
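
Seen from the defender's side, a word-list run like the one described above reaches a password after exactly as many guesses as that password's line number in the list. The following is an added example, not part of dictionRARy or the original post; the function name `attempts_needed` and the sample list are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not dictionRARy): how many guesses would a word-list run
# need before it reaches a given archive password? 0 means "not in the list".

# attempts_needed PASSWORD WORDLIST
# Prints the 1-based line number of the first exact match, or 0 if absent.
attempts_needed() {
    local password=$1 wordlist=$2
    [ -r "$wordlist" ] || { echo "cannot read $wordlist" >&2; return 2; }
    # tr strips carriage returns so CRLF-formatted lists still match.
    # The password travels through the environment, never the awk program
    # text, so quotes, backslashes and regex characters stay literal.
    # Appending "" forces a string comparison: without it awk would treat
    # "0123" and "123" as the same number.
    tr -d '\r' < "$wordlist" |
        pw="$password" awk '
            ($0 "") == (ENVIRON["pw"] "") { print NR; found = 1; exit }
            END { if (!found) print 0 }'
}

# Constructed sample list with CRLF line endings.
demo_list=$(mktemp)
trap 'rm -f "$demo_list"' EXIT
printf '123456\r\npassword\r\n123\r\nletmein\r\n.*\r\n' > "$demo_list"

attempts_needed 'letmein' "$demo_list"   # found on line 4
attempts_needed '0123' "$demo_list"      # numeric look-alike of "123": no match
attempts_needed 'pass' "$demo_list"      # substring of an entry: no match
```

A result of 0 only means this particular list does not contain the password; it says nothing about other lists.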
