Re: [Full-disclosure] Launched New Tool - RAR Password Unlocker
Hey Guys, That's interesting reversing work and we appreciate your comments on the same. This tool is from one of our contributing author, Neeraj (appnimi.com). He is new into this tool development and protocols where we acknowledge other's contribution in our work. I have now talked to author and he will be introducing ACK section for the same. Soon we will update on our pages too. Generally we give complete credit to other's work however small it may be ! Thank you ! With Regards Nagareshwar Talekar http://SecurityXploded.com http://PasswordForensics.com/ http://NetCertScanner.com http://twitter.com/securityxploded On Wed, Mar 30, 2011 at 8:29 PM, Tim wrote: >> > why do we need installer then? distribute that tool as single >> > executable. >> >> Because without the installer, it can't try to "monetize" the install by >> installing search toolbars! (It's nice enough to continue the install if you >> reject their terms, though.) >> >> >> On 2011-03-29, at 13:13, Jo Galara wrote: >> > How does it work? Bruteforce? >> >> Yes, but... well, JAD does a better job of explaining than I possibly could: >> >> > Runtime rt = Runtime.getRuntime(); >> > >> > String str = "7z.exe x "; >> > str = str + "\"" + _filepath + "\" "; >> > str = str + "-p\"" + pwd + "\" "; >> > str = str + "-o\"" + _destpath + "\""; >> > str = str + " -y"; >> > >> > System.out.println(str); >> > >> > Process p = rt.exec(str); >> > p.waitFor(); >> > >> > if (p.exitValue() == 0) >> > { >> > ret = true; >> > } > > > That's funny (i.e. pathetic). > > A quick search of the tool's website doesn't reveal any links to the > 7-zip website. I'm not going to bother to download this tool, since a > 1-line shell script would accomplish the same thing, but if 7-zip > isn't linked to in the accompanying documentation, then that would be > a violation of the LGPL. From 7-zip's FAQ: > > Can I use the EXE or DLL files from 7-Zip in a Commercial Application? > > Yes, but you are required to specify in your documentation (1) that > you used parts of the 7-Zip program, (2) that 7-Zip is licensed under > the GNU LGPL license and (3) you must give a link to www.7-zip.org, > where the source code can be found. > > > tim > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Launched New Tool - RAR Password Unlocker
> > why do we need installer then? distribute that tool as single > > executable. > > Because without the installer, it can't try to "monetize" the install by > installing search toolbars! (It's nice enough to continue the install if you > reject their terms, though.) > > > On 2011-03-29, at 13:13, Jo Galara wrote: > > How does it work? Bruteforce? > > Yes, but... well, JAD does a better job of explaining than I possibly could: > > > Runtime rt = Runtime.getRuntime(); > > > > String str = "7z.exe x "; > > str = str + "\"" + _filepath + "\" "; > > str = str + "-p\"" + pwd + "\" "; > > str = str + "-o\"" + _destpath + "\""; > > str = str + " -y"; > > > > System.out.println(str); > > > > Process p = rt.exec(str); > > p.waitFor(); > > > > if (p.exitValue() == 0) > > { > >ret = true; > > } That's funny (i.e. pathetic). A quick search of the tool's website doesn't reveal any links to the 7-zip website. I'm not going to bother to download this tool, since a 1-line shell script would accomplish the same thing, but if 7-zip isn't linked to in the accompanying documentation, then that would be a violation of the LGPL. From 7-zip's FAQ: Can I use the EXE or DLL files from 7-Zip in a Commercial Application? Yes, but you are required to specify in your documentation (1) that you used parts of the 7-Zip program, (2) that 7-Zip is licensed under the GNU LGPL license and (3) you must give a link to www.7-zip.org, where the source code can be found. tim ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Launched New Tool - RAR Password Unlocker
That made my morning laugh! =) Andrew Farmer skrev 2011-03-30 00:22: > Yes, but... well, JAD does a better job of explaining than I possibly could: > >> Runtime rt = Runtime.getRuntime(); >> >> String str = "7z.exe x "; >> str = str + "\"" + _filepath + "\" "; >> str = str + "-p\"" + pwd + "\" "; >> str = str + "-o\"" + _destpath + "\""; >> str = str + " -y"; >> >> System.out.println(str); >> >> Process p = rt.exec(str); >> p.waitFor(); >> >> if (p.exitValue() == 0) >> { >>ret = true; >> } ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Launched New Tool - RAR Password Unlocker
Read the link ( http://nagareshwar.securityxploded.com/2011/03/30/launched-rar-password-unlocker-by-neeraj/ ) It [the tool] uses brute force password recovery technique that can help you to recover not only easy but also complex passwords. But without any GPU acceleration, it will take forever to bruteforce a complex password. Use this tool instead: http://www.golubev.com/rargpu.htm _ From: Jo Galara [mailto:jogal...@gmail.com] To: full-disclosure@lists.grok.org.uk Sent: Tue, 29 Mar 2011 22:13:03 +0200 Subject: Re: [Full-disclosure] Launched New Tool - RAR Password Unlocker How does it work? Bruteforce? On 03/29/2011 09:12 PM, Nagareshwar Talekar wrote: > Hi all, > > We have just released new password recovery tool - RarPasswordUnlocker > - FREE tool to recover the password of protected RAR files. It is > created by Neeraj who is leading contributor on SecurityXploded.com > > For more details & download visit RarPasswordUnlocker > http://bit.ly/ft8i5k > > -- Regards, Jo Galara This e-mail and any attachments may contain confidential material for the sole use of the intended recipient. If you are not the intended recipient, please be aware that any disclosure, copying, distribution or use of this e-mail or any attachment is prohibited. If you have received this e-mail in error, please contact the sender and delete all copies. Thank you for your cooperation ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Launched New Tool - RAR Password Unlocker
Seems like a good tool for when I can just let it run over time on a rar. Thanks Chris On Mar 29, 2011, at 3:12 PM, Nagareshwar Talekar wrote: > Hi all, > > We have just released new password recovery tool - RarPasswordUnlocker > - FREE tool to recover the password of protected RAR files. It is > created by Neeraj who is leading contributor on SecurityXploded.com > > For more details & download visit RarPasswordUnlocker > http://bit.ly/ft8i5k > > > -- > With Regards > Nagareshwar Talekar > > http://SecurityXploded.com > http://PasswordForensics.com/ > http://NetCertScanner.com > http://twitter.com/securityxploded > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Launched New Tool - RAR Password Unlocker
On 2011-03-29, at 12:29, k...@rhynn.net wrote: > is there any chance of seeing CUDA in action for the next versions? :) Ha ha ha, no. (See below.) >>> Installed executable is completely portable. > > why do we need installer then? distribute that tool as single > executable. Because without the installer, it can't try to "monetize" the install by installing search toolbars! (It's nice enough to continue the install if you reject their terms, though.) On 2011-03-29, at 13:13, Jo Galara wrote: > How does it work? Bruteforce? Yes, but... well, JAD does a better job of explaining than I possibly could: > Runtime rt = Runtime.getRuntime(); > > String str = "7z.exe x "; > str = str + "\"" + _filepath + "\" "; > str = str + "-p\"" + pwd + "\" "; > str = str + "-o\"" + _destpath + "\""; > str = str + " -y"; > > System.out.println(str); > > Process p = rt.exec(str); > p.waitFor(); > > if (p.exitValue() == 0) > { >ret = true; > } ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Launched New Tool - RAR Password Unlocker
How does it work? Bruteforce? On 03/29/2011 09:12 PM, Nagareshwar Talekar wrote: > Hi all, > > We have just released new password recovery tool - RarPasswordUnlocker > - FREE tool to recover the password of protected RAR files. It is > created by Neeraj who is leading contributor on SecurityXploded.com > > For more details & download visit RarPasswordUnlocker > http://bit.ly/ft8i5k > > -- Regards, Jo Galara signature.asc Description: OpenPGP digital signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Launched New Tool - RAR Password Unlocker
Hi, is there any chance of seeing CUDA in action for the next versions? :) >> Installed executable is completely portable. why do we need installer then? distribute that tool as single executable. Cheers, Kai > We have just released new password recovery tool - RarPasswordUnlocker > - FREE tool to recover the password of protected RAR files. It is > created by Neeraj who is leading contributor on SecurityXploded.com > > For more details & download visit RarPasswordUnlocker > http://bit.ly/ft8i5k ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Launched New Tool - RAR Password Unlocker
Hi all, We have just released new password recovery tool - RarPasswordUnlocker - FREE tool to recover the password of protected RAR files. It is created by Neeraj who is leading contributor on SecurityXploded.com For more details & download visit RarPasswordUnlocker http://bit.ly/ft8i5k -- With Regards Nagareshwar Talekar http://SecurityXploded.com http://PasswordForensics.com/ http://NetCertScanner.com http://twitter.com/securityxploded ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/