Table of Contents
First of all, sorry for the title; you cannot extract a password protected RAR file without its password. If that was possible there was no need for passwords and encryptions in the first place. It would be lying if someone told you that RAR password recovery was possible instantly but sadly there are many sites spreading fake tutorials. One such tutorial asks the user to open the encrypted RAR file in a text editor and remove the password from there. How ridiculous! It would have been possible with a hex editor if the RAR stores the password as a clear text in the file itself but they do not.
Anyways we are lucky that we have many tools to help us recover lost or forgotten passwords and in this article, we will go through some of these known softwares. These are the same tools that police and forensic people use, so again, there is no shortcut to bypass the password.
RAR password recovery is a time-consuming and resource-intensive process for large & complex password and there is no guarantee for a successful recovery. During the recovery process, your CPU may stay at 100% utilization for long periods of time. This is totally okay if you have adequate cooling, also modern systems are equipped with thermistors to monitor temperature and perform auto shutdown if needed.
I’ll try my best to educate you on the recovery process, the best tools (including some free ones), and services for a successful password recovery. So please go through the entire article.
Basics of different password recovery techniques
Before we answer the age-old question on how to extract RAR file without password, there are three different recovery options that you should know about. Choosing the right method is the key to a fast & successful unlock and therefore it is very important to know what these different attack modes are. They are as follows:
- Brute-force Attack: This method tries all the possible combinations of characters. As a result, brute force attacks are very slow and require powerful computers to speed up the process. Assume your password is 5 characters long and that you have no idea of its features (i.e whether it contains uppercase, digits,..), this makes the total combinations to a minimum of 7,820,126,495. I said minimum because this calculation assumes we are dealing with the English character set alone! With every extra character in the password, the total number of possible combinations increases exponentially.
- Brute-force with Mask Attack: If you know something about the password such as its length, character set, prefix, suffix, etc. then you can also bring down the total search space exponentially; how cool is that! To take advantage of this you should need a RAR password recoverer that has this feature.
- Dictionary Attack: This type of technique is used when you are sure that the password is from a given set of words, let’s say one from the English words. It doesn’t necessarily have to be English though, you can supply any wordlist as a text file in most softwares. Large dictionary files can also be found online.
Important requirements for fast and successful password retrieval
- Recollect as many features you remember about the password such as its length, casing, letter combinations, language, etc.
- A new powerful CPU
- A modern GPU can improve the speed of recovery by 10-20 times.
- A RAR password recovery software that can make use of the above features
The Best RAR password recovery softwares & services
The leading decryption software; used by NASA, the US Department of Homeland Security, and more.
Passware Kit also sells servers optimized for decryption which can test 85,000 – 285,000 passwords/sec. Combine that with the accelerated hardware feature which can take advantage of multiple decryptum servers on a network; we can achieve really impressive speeds! For a reference, my PC which is equipped with an i5 8400 and GTX 970 card got a top speed of under 13000 passwords/sec.
Passware Kit Standard costs $80 and it is the minimum version required to decrypt archive files like ZIP and RAR. There is a limited free trial available to experience the software but it can’t run for over a minute and won’t recover passwords over 4 characters. Using Passware Kit is pretty straight forward but if you still need a tutorial, our previous article on Passware Kit for Zip decryption would be helpful.
RAR Password Unlocker
Dictionary Mode | Brute Force Mode | Mask Attack | CUDA Support | Limited free trial
RAR Password Unlocker is a simple to use software with many useful features like save/resume attacks, multi core support, GPU acceleration, auto shutdown, and more. It can also search for encrypted files on your PC which can be handy. Unfortunately the software failed to accelerate the recovery with my GTX 970 which is weird as even the free utility cRARk did worked with my GPU. But even without GPU acceleration it managed to top over 1000 passwords/ second which is almost double of the average speed of cRARk (without GPU engine).
They offer a free trial of the software with some limitations.
- Download the RAR password unlocker from the link below.
- Launch the application, click open, and select your encrypted RAR file.
- Under attack types, select your choice, and click start. Now, wait till it throws a response.
It is better to first try the Dictionary attack before going with Brute-force.
Online Password Recovery Services
Pay only if the password is recovered.
A RAR password recovery software cannot guarantee successful decryption (theoretically possible but practically no), so if you don’t want to pay for such software unless decryption is guaranteed then it’s better to make use of online recovery services. One such company is password-online. Just upload your encrypted RAR file on their website and wait for them to crack it. Once the RAR is decrypted, they will present the proof, after which you can pay their fees of just 10 Euros to get the password. Password-online has large server farms so you can expect to recover the password sooner than if you attempted to recover it yourself.
Freeware utilities for RAR password recovery
Not everyone wants to pay for password recovery and I totally get it, so I have found two freeware that supports RAR file types. These are cRARK and John the Ripper. At least some of you may have heard about John the Ripper.
An amazing utility for people who are comfortable using terminal. Supported on Windows, Mac and Linux.
cRARk is a free command-line software for RAR password cracking! It’s a well-maintained project and offers CUDA & OpenCL support, which can tremendously speed up the process. So if you are rocking a decent graphics card and processor, you should be able to crack a password of under 6 characters in a day as opposed to weeks and months. I tested the tool, with and without the GPU engine and the results are astonishing. Without the GPU engine, it was just above 500 passwords/ second and with GPU the speed was over a whooping 25,000 password/ second! That’s even more than what I have achieved with Passware Kit.
With cRARk you can define all you know about the password using a Password Definition Language(PDL) in a .def file. This is very similar to regular expressions so if you already have experience with regex then there will no troubles, plus they have several examples on their website.
- All RAR versions support, including the latest RAR 5.x
- Windows, Mac, Linux compatible
- OpenCL, CUDA support
- Unique PDL language which is extremely efficient if the user remembers any information about a forgotten password
- Lacks pause/ resume
- No multi-core and multi GPU support
- No GUI
How to use cRARk in Windows?
First download the latest version of cRARk and extract the folder to your desktop.
Note: The downloaded RAR file may prompt you for a password but there is no password!
Now open up Notepad or any text editor to create the PDL. A sample password definition that brute forces passwords containing alphabets and numbers is shown below. Save the file as “password.def” to the cRARk folder which you just extracted.
It should be noted that the PDL file contains two portions: a declaration section and rules section both of which are separated by a ‘##’ symbol. All other ‘##’ are treated as comments. In the following code, there are no custom definitions so the default definitions of $a, $A, $1 will be used.
## [$a $A $1] * ## For more examples of PDL visit http://www.crark.net/cRARk.html#44
Next, open your Windows terminal or CMD and use the
cd command to navigate to the cRARk folder which you just extracted. Then run cRARk with the following command. Replace “..\treasure.rar” with the path of your encrypted file.
.\cRARk.exe -p'password.def' ..\treasure.rar
There are additional flags that you can supply, like min & max length, debug mode, etc. Learn more about it on cRARk’s website.
One of the limitations with cRARk is the lack of multi CPU/GPU support but you can overcome that by using another software known as Parallel Password Recovery which also makes use of PDL files. Additionally, Parallel Password Recovery can also take advantage of multiple computers using the distributed decryption feature. I have tested this software and it works great!
John the Ripper
John the Ripper is a free, open-source, command-line program for password security auditing and recovery. It is available on macOS, Linux, and Windows. JR is incredibly versatile and can crack anything you throw at it including archive files (ZIP, RAR), document files (PDF, Office, etc), filesystems, web apps, and more. You can use JR for brute force or dictionary attack.
To get started, download John the Ripper and extract the archive to your desktop. Now fire up CMD or the new terminal in Windows and
cd to the root folder of JR and then to the “run” folder. Next, execute the following commands.
rar2john.exe ..\..\treasure2.rar > hash.txt
Replace “..\..\treasure2.rar” with the path of your encrypted RAR file. The “hash.txt” will now be generated in the “run” folder. The next step is to decrypt the hash to retrieve the password.
john.exe ..\..\treasure.rar hash.txt
You can also use a dictionary attack by supplying a wordlist file. In the following example, “password.lst” is the wordlist file.
john.exe --format=rar --wordlist password.lst hash.txt
Unfortunately there is no shortcut and it can’t be helped without additional information on the password. May be your password is too long, or the search set is wrong.
The best search speeds are only possible if you have an nvidia GPU having CUDA cores and of course a software that can take advantage of it. Another would be to stop running other resource hogging processes.
Yes, you can! Although there are no GUI softwares for the job, you can use cRARk or John the Ripper CLI to decrypt RAR files on a mac.
This is a popular question with respect to RAR file unlocking, however there are no apps to brute force passwords on your mobile. As a safety warning, you shouldn’t even attempt to brute force on your mobile device even if some technique existed.
Have you tried any of these? Let me know your thoughts & experiences with password protected RAR decryption in the comments below.
Other Password Recovery Tutorials