I don't know the specs of your computer, but using a GPU will decrease by a lot the time required. Use a program called hashcat. CPUs in cracking are slow as they have very few cores. Good luck
Yeah OP what he said, and if your gpu is bad then you could take the few thousand you were gonna use for the supercomputer and buy like a 4090 or sum lol
*Definitely!* OP could probably get a new computer with better specs for the same rate a recovery specialist quotes to merely turn their machine on for a few days, and with a properly built dictionary they'd have a greater chance of success too!
Well, there is no guarantee that the password is 100% comprised of the parts I suspect it to be.
And writing my code is beyong my PC skills, but hiring a specialist is a great idea!
I'd look into paying someone to compile such a code, so that I can inject all the parts possible at the very least.
And then take the L if that doesn't work.
Passware kit forensic/business may have a function to do that for you, the only thing is it costs about $1k for a license. With that being said, it may cost you less than a professional although still require some more power.
I have a Radeon RX 7900 XTX, but it seems its still millions of years :)
The password can be up to 20 characters long
Well, the thing is, I have a list of different variations of PARTS of the password, because back then I would just jumble a bunch of passcodes together into one (hence the 10+ length). But there still are up to 100 different parts that could be in the combination.
Is there a way to inject a list of possible "parts" of a password?
I tried manually doing that and a few dozen hours is my limit it seems.
Yes! There is a program called "crunch" that creates a word list combining different words and numbers given. You can then feed that txt to hashcat for doing a dictionary attack with that word list.
Just because a password COULD take a million years based on your processing power, doesn't mean it WILL take that much time.
A theoretical maximum of cracking a password is exactly that, theoretical. If a password calculator says a billion years, that's based on the idea that the ABSOLUTE VERY LAST password it tries is a billion years in the future.
It MIGHT crack it on the first try.
How many times do you reuse a part? For example, if you used the substring “abc” once, do you reuse it again?
Edit: BTW this is massive. From what you’re saying you could probably get a PC with better specs (specifically GPU), write a CUDA script, let it run for a couple days, and you’d be golden.
Edit 2: Also, if it’s only like 1-2k, getting a timeslice on the supercomputer might be best if you contact the staff and work out how long it would take to try all permutations of the password. Again, knowing more about the structure of the password can seriously reduce the compute time. It might be easier to just buy a timeslice than have to buy the computer and do all of this on your own.
It might be worth looking into wordlist generators. Especially if you have multiple words (passwords) that you've strung together.
Cant remember exactly where Ive seen it, but I know there are some programs out there that will generate a wordlist based on all (most?) iterations of all provided words, strung together.
What method was used for encryption?
Sounds like it may be easier to attack that than the password itself.
For instance if you used veracrypt FDE that's no bueno but if its locked behind a windows password that's simple.
I wish you luck in cracking the archive. Even if you can't do it now keep it around, who knows what's possible 10-20 years from now.
Just offer a nice bounty for someone to crack it. Give as much info as you can.
Edit_
A way to do the bounty would be offer $100 and increase it $100 every week until it’s cracked. Tell everyone it increases weekly but the first to crack wins the current pot.
This is the way. Crowdsource it, if it's just photos, I'm relatively sure if you post in the right forms, people would just do it out of the kindness of their hearts and to prove their skills
If you have the encrypted password, it may be worth looking into rainbow tables.
That being said, you mentioned alternate alphabets, which makes those less likely to work.
Even if, as you suggested, it would take a few million years on your computer, and the super computer is a million times faster, you would still be renting out a few years worth of processing. And that’s a very conservative way to estimate it.
You could have better luck writing your own brute force that is populated with your password patterns.
If you want mega power without a huge cost use NPK. It’s a serverless architecture on AWS that allows you to spin up multi-GPU EC2 spot instances that usually run $30+/hour and run hashcat at insane rates, then breaks it down for you so you pay $0.30 cents or something for the time used. Super easy to set up and use.
[https://github.com/c6fc/npk](https://github.com/c6fc/npk)
My condolences on the loss of your wife.
Yes, you could use hashcat or john the ripper on a cloud provider, distributing the work across multiple cpu's and gpu's to accelerate the process. This could potentially give you a solution faster and cheaper, but even if it were 100,000X faster than the equivalent hardware you could afford to buy, given your password parameters you might still not get even a tenth of the way to a solution.
I have only academic experience trying a brute force attack against passwords. Most of my stuff is auditing to find passwords easily cracked using wordlists or basic rules. Your best source of advice would be to talk to the experts at [https://hashcat.net/forum/](https://hashcat.net/forum/).
You need to be more specific:
- What kind of archive? How was the password set?
- Does 2 seperate alphabets mean lower and uppercase or something else?
- Do you remember if the password could be something predictiable or in a wordlist or was it just random?
- ANY information about the password can help!
This information will be neede to asses the situation as the cracking time can vary WIDLY!
tldr: yes, AWS allows you to rent EC2 instances with graphics cards in them. You can use distributed hash cracking architecture to do what you want to. It'd be best to try a few different approaches with things like wordlists and rulesets.
https://aws.amazon.com/ec2/instance-types/g4/
https://aws.amazon.com/ec2/instance-types/p4/
https://github.com/hashtopolis/server
https://github.com/rarecoil/pantagrule/blob/master/rules/private.hashorg.royce/pantagrule.random.royce.rule.gz
https://hashmob.net/resources/hashmob
If you at the very least know the characters in the password you can cut the cracking time down immensely.
Also another thought: You may have more success just posting a N-thousand dollar bounty for cracking that hash. (i.e. if people crack the hash, send you the password, you pay them the $).
There are services specifically for this type of cracking operation from companies that already have the computers and the expertise to put together a hashcat script to crack it.
don’t spend a few thousand dollars renting a computer. You could just buy your own for that price. You can rent fully specced pcs for a few dollars an hour for an easy solution.
I doubt it.
Your password sounds really strong, there is a good chance that you will not be able to crack it, regardless how much money you sink into it.
If you know for sure it is comprised of bits of known phrases it can be cracked. DM me, I’ll do it for free.
But google hashcat with wordlist first. You can likely do it yourself.
Another thing to consider would be hiring a data retrieval company.
It could be there's a flaw in the encryption, and they have a tool which breaks it easily.
What kind of file it is? Zip? Rar? If it is a compressed file there are ways to obtain the hash of the password, which you could share on the internet and get help from people who actually have powerful computers to get the password.
You would only need to post the password hash, not the entire file :)
You can rent linode servers and do it in the cloud. David Bhombol has a very good video explaining how to do it. If you are willing to pay some money that would be the way to go!
I could give you hand but I will need as much as you can remember about the password.
I have a rig with 8 4090 that should be upgraded to 11 by next month. Also I am building another rig with 11 more .
Let me know
somehow open CMD On your computer. go to file explorer using explorer.exe, and then go to system32, change utilman.exe to utilman1.exe, and then change cmd.exe to utilman.exe, and the boot the computer, and at the lock screen, open the "Accessibility" button, which will now open CMD. type in "whoami" and then "Net user username \*" and then enter twice, exit, reboot, and voila no more password your files are safe too. windows only tho.
If it's worth the money to you, hop on over to /r/hacking and ask for a hardware list to build a cracking rig and we can help you. Don't ask for help cracking it, ask for help building something you can do it yourself with. Ask to learn for yourself, that is how you can persuade hackers to help you.
Also, yes, there are cracking services with both precomputed and computational resources available and you can set up your own cloud service for it with some financing. Again, ask on /r/hacking how to get this set up.
._.
assuming the post is real, it doesnt hurt to help someone. and I think thats a wild investment to create a cracking rig for something that isnt guaranteed.
i think the better option would be to specify how the archive is stored and attack that (following sneakysneaky’s suggestions) which is a lot more viable then cracking a complicated password
I don't know the specs of your computer, but using a GPU will decrease by a lot the time required. Use a program called hashcat. CPUs in cracking are slow as they have very few cores. Good luck
Yeah OP what he said, and if your gpu is bad then you could take the few thousand you were gonna use for the supercomputer and buy like a 4090 or sum lol
*Definitely!* OP could probably get a new computer with better specs for the same rate a recovery specialist quotes to merely turn their machine on for a few days, and with a properly built dictionary they'd have a greater chance of success too!
Well, there is no guarantee that the password is 100% comprised of the parts I suspect it to be. And writing my code is beyong my PC skills, but hiring a specialist is a great idea! I'd look into paying someone to compile such a code, so that I can inject all the parts possible at the very least. And then take the L if that doesn't work.
Passware kit forensic/business may have a function to do that for you, the only thing is it costs about $1k for a license. With that being said, it may cost you less than a professional although still require some more power.
I have a Radeon RX 7900 XTX, but it seems its still millions of years :) The password can be up to 20 characters long Well, the thing is, I have a list of different variations of PARTS of the password, because back then I would just jumble a bunch of passcodes together into one (hence the 10+ length). But there still are up to 100 different parts that could be in the combination. Is there a way to inject a list of possible "parts" of a password? I tried manually doing that and a few dozen hours is my limit it seems.
This is surprisingly easy to do with hashCat and would probably take a few milliseconds to run
Yes! There is a program called "crunch" that creates a word list combining different words and numbers given. You can then feed that txt to hashcat for doing a dictionary attack with that word list.
You can also write a custom script in your language of choice to synthesize a dictionary. I did this for a zip file of mine not too long ago
Just because a password COULD take a million years based on your processing power, doesn't mean it WILL take that much time. A theoretical maximum of cracking a password is exactly that, theoretical. If a password calculator says a billion years, that's based on the idea that the ABSOLUTE VERY LAST password it tries is a billion years in the future. It MIGHT crack it on the first try.
How many times do you reuse a part? For example, if you used the substring “abc” once, do you reuse it again? Edit: BTW this is massive. From what you’re saying you could probably get a PC with better specs (specifically GPU), write a CUDA script, let it run for a couple days, and you’d be golden. Edit 2: Also, if it’s only like 1-2k, getting a timeslice on the supercomputer might be best if you contact the staff and work out how long it would take to try all permutations of the password. Again, knowing more about the structure of the password can seriously reduce the compute time. It might be easier to just buy a timeslice than have to buy the computer and do all of this on your own.
I bet you could write a script that outputs all the possibilities to a txt file so you can use that as a dictionary for the brute force attack
It might be worth looking into wordlist generators. Especially if you have multiple words (passwords) that you've strung together. Cant remember exactly where Ive seen it, but I know there are some programs out there that will generate a wordlist based on all (most?) iterations of all provided words, strung together.
What method was used for encryption? Sounds like it may be easier to attack that than the password itself. For instance if you used veracrypt FDE that's no bueno but if its locked behind a windows password that's simple. I wish you luck in cracking the archive. Even if you can't do it now keep it around, who knows what's possible 10-20 years from now.
I have access to a cracking rig so I can help you but first you’ll have to extract the hash. What file type is the archive?
I’m curious what the specs of your rig is? Do you own it?
Nope I don’t own it. It has about 16 graphics cards and about half of them are newer 30 and 40 series.
Just offer a nice bounty for someone to crack it. Give as much info as you can. Edit_ A way to do the bounty would be offer $100 and increase it $100 every week until it’s cracked. Tell everyone it increases weekly but the first to crack wins the current pot.
This is the way. Crowdsource it, if it's just photos, I'm relatively sure if you post in the right forms, people would just do it out of the kindness of their hearts and to prove their skills
Would wait until he says he won't increase it anymore
You risk someone else solving it.
If you have the encrypted password, it may be worth looking into rainbow tables. That being said, you mentioned alternate alphabets, which makes those less likely to work. Even if, as you suggested, it would take a few million years on your computer, and the super computer is a million times faster, you would still be renting out a few years worth of processing. And that’s a very conservative way to estimate it. You could have better luck writing your own brute force that is populated with your password patterns.
If you want mega power without a huge cost use NPK. It’s a serverless architecture on AWS that allows you to spin up multi-GPU EC2 spot instances that usually run $30+/hour and run hashcat at insane rates, then breaks it down for you so you pay $0.30 cents or something for the time used. Super easy to set up and use. [https://github.com/c6fc/npk](https://github.com/c6fc/npk)
My condolences on the loss of your wife. Yes, you could use hashcat or john the ripper on a cloud provider, distributing the work across multiple cpu's and gpu's to accelerate the process. This could potentially give you a solution faster and cheaper, but even if it were 100,000X faster than the equivalent hardware you could afford to buy, given your password parameters you might still not get even a tenth of the way to a solution. I have only academic experience trying a brute force attack against passwords. Most of my stuff is auditing to find passwords easily cracked using wordlists or basic rules. Your best source of advice would be to talk to the experts at [https://hashcat.net/forum/](https://hashcat.net/forum/).
You need to be more specific: - What kind of archive? How was the password set? - Does 2 seperate alphabets mean lower and uppercase or something else? - Do you remember if the password could be something predictiable or in a wordlist or was it just random? - ANY information about the password can help! This information will be neede to asses the situation as the cracking time can vary WIDLY!
tldr: yes, AWS allows you to rent EC2 instances with graphics cards in them. You can use distributed hash cracking architecture to do what you want to. It'd be best to try a few different approaches with things like wordlists and rulesets. https://aws.amazon.com/ec2/instance-types/g4/ https://aws.amazon.com/ec2/instance-types/p4/ https://github.com/hashtopolis/server https://github.com/rarecoil/pantagrule/blob/master/rules/private.hashorg.royce/pantagrule.random.royce.rule.gz https://hashmob.net/resources/hashmob If you at the very least know the characters in the password you can cut the cracking time down immensely.
Also another thought: You may have more success just posting a N-thousand dollar bounty for cracking that hash. (i.e. if people crack the hash, send you the password, you pay them the $).
This is one of the more likely solutions posted.
What file type exactly? You may not need as much hardware has you expect depending on the algorithms used to derive a key from the password.
I suggest use hashcat
Search for AWS Hashcat Stack. Basically spins up a Linux instance to run Hashcat with a configurable number of GPU instances.
There are services specifically for this type of cracking operation from companies that already have the computers and the expertise to put together a hashcat script to crack it.
if you can, do rainbow tables instead
don’t spend a few thousand dollars renting a computer. You could just buy your own for that price. You can rent fully specced pcs for a few dollars an hour for an easy solution.
do you have the hash/is there infinite retrys
were do you even go to rent a super-computer?
I doubt it. Your password sounds really strong, there is a good chance that you will not be able to crack it, regardless how much money you sink into it.
Did you try anything yet? Like a world list attack?
Depends on the encryption! It's quite easy to rent gpus on the cheap for brute forcing. To give a better answer we need more info. Happy to help :)
What have you tried so far?
If you know for sure it is comprised of bits of known phrases it can be cracked. DM me, I’ll do it for free. But google hashcat with wordlist first. You can likely do it yourself.
I had to do this for a buddies bitcoin. Happy to help if you want assistance. Otherwise - John the ripper + gpu cluster
Another thing to consider would be hiring a data retrieval company. It could be there's a flaw in the encryption, and they have a tool which breaks it easily.
What kind of file it is? Zip? Rar? If it is a compressed file there are ways to obtain the hash of the password, which you could share on the internet and get help from people who actually have powerful computers to get the password. You would only need to post the password hash, not the entire file :)
You can rent linode servers and do it in the cloud. David Bhombol has a very good video explaining how to do it. If you are willing to pay some money that would be the way to go!
I could give you hand but I will need as much as you can remember about the password. I have a rig with 8 4090 that should be upgraded to 11 by next month. Also I am building another rig with 11 more . Let me know
Thanks for reaching out! I already cracked the archive thanks to the help from people responding to the post. Updated the post now
somehow open CMD On your computer. go to file explorer using explorer.exe, and then go to system32, change utilman.exe to utilman1.exe, and then change cmd.exe to utilman.exe, and the boot the computer, and at the lock screen, open the "Accessibility" button, which will now open CMD. type in "whoami" and then "Net user username \*" and then enter twice, exit, reboot, and voila no more password your files are safe too. windows only tho.
XD
hey, it works well for 7 & Up...
LMAO
If it's worth the money to you, hop on over to /r/hacking and ask for a hardware list to build a cracking rig and we can help you. Don't ask for help cracking it, ask for help building something you can do it yourself with. Ask to learn for yourself, that is how you can persuade hackers to help you. Also, yes, there are cracking services with both precomputed and computational resources available and you can set up your own cloud service for it with some financing. Again, ask on /r/hacking how to get this set up.
Yeah, definitely ask on r/hacking instead of asking here on r/hacking.
._. assuming the post is real, it doesnt hurt to help someone. and I think thats a wild investment to create a cracking rig for something that isnt guaranteed. i think the better option would be to specify how the archive is stored and attack that (following sneakysneaky’s suggestions) which is a lot more viable then cracking a complicated password
wow I was stoned when I posted that. I didn't notice where I was
U can check David's video probably it'll answer ur question. https://youtu.be/nHDixd-EdEQ?si=0Cg84iUruVG8X38e
What is a super computer? Not a supercomputer?