Lifehack: Crack the rest of RAR password if only half is readable
1. Start Accent RAR Password Recovery (or other required Passcovery tool) and open a password-protected archive (use the toolbar icon, the menu «File->Open» or the hotkey Ctrl+O – nothing unusual here).
Fig. 2: Open your password-protected file using the program
2. Read the file description (protection method), then choose the PPMd blocks scanning pattern and go to the attack selection step. Select “Brute-force with extended mask”.
3. Follow these rules to complete mask settings.
Let’s take the photo above as an example.
Only a part of the characters are clear while the rest have been washed away by latte (let’s mark the unknown characters with asterisk «*»): PdCMAw******saXl2q
Traces of damaged characters left on the paper (fragments of lines, distance and position of dots and stains etc.) allow us to make assumptions which might help reduce the number of verifications:
- first * - a capital letter, most likely “С”
- second * - a “high zigzag”, most likely “Z” or “2”
- third * - a lower-case letter with downward directed “tail”, most likely “g” or “y”
- fourth * - a “narrow” character with an element on top, most likely “1”, “7”, “T”, however “I”, “J”, “L” are also likely
- fifth * - a lowercase letter, really hard to guess which one, but for sure it is not a “narrow” one and it’s got no “tail”
- sixth * - a “high” and “thin-shaped” character, most likely “1”, “l”, “t”
Based on these assumptions we can specify sets of characters and define the mask as: PdCMAwC?0?1?2?3?4saXl2q
4. Start the search. With the assumptions made we’re down to only 1872 combinations to be validated. It is a piece of cake for any computer.
With extended mask you can define a list of possible characters for each position in the generated password which makes the mask a perfect tool to customize verification range with. By cutting off redundant validations you’ll be getting to the successful result way faster.
We recommend to start with the roughest assumptions (as we did in the example above) that is with the minimum number of combinations. Should the assumptions turn out wrong and you fail to find the password in the range of scanned combinations then you’ll just need to extend your view of the invisible characters — expand the range of verification and retry the search.
Why use extended mask?
It is true that there is an ordinary mask option in Passcovery programs apart from the extended one. You can use that one too. But it is not really useful when there is at least some information known about the password.
In the usual mask an unknown character is described with a symbol and verification of all the characters involves scanning of the entire specified range. Because of the drastic increase in the number of combinations to be checked it’s sure gonna take ages to complete the search.
Here’s what the usual mask would look like in our case:
That is all possible combinations for the six unknown characters with a set of digits, small and capital letters will be checked which gives us 56,800,235,584 instead of 1872 combinations. See the difference?
So if you have at least some precise information about the password, try to use extended mask.
Passcovery RAR Cracking Tools
|Accent RAR Password Recovery for RAR3/RAR5 files,
fully functional with GPU’s
|Passcovery Suite for RAR files,
supporting GPU acceleration on NVIDIA/AMD
(also supporting Microsoft Office/OpenOffice/Adobe PDF docs, Zip archives, Apple iOS/BlackBerry OS backup files, TrueCrypt volumes, WPA/WPA2 handshakes)