How to extract password from a *.7z file?

grgaud1 · January 5, 2024, 12:17am

I have a 7z file which I password protected(and encrypted) and I can’t remember the darn password. Is there a way to extract this password from this file?

P.S. I love EndeavourOS/KDE, it’s great!

I0F · January 5, 2024, 6:40am

No. Would pretty much make passwords useless, if that was possible.

Kresimir · January 5, 2024, 7:21am

If it is a weak password, you could probably brute force it. There are many tools that do this. Look up how to use John the Ripper and Hashcat.

keybreak · January 5, 2024, 7:34am

It will be pretty fast if you have at least somewhat vague idea of what it is or parts of it, or if it’s numbers only. Anything above 5 symbols won’t be fast and will need significant resources to brute-force and you’ll need a powerful GPU.

grgaud1 · January 5, 2024, 4:42pm

Blockquote
No. Would pretty much make passwords useless, if that was possible.
Blockquote

Oh good, some encouraging news!

grgaud1 · January 5, 2024, 4:48pm

Thank you. I forgot to mention that my password has 12 characters. However, I remember the characters, just not the sequence. I’ll try both of your suggestions.

grgaud1 · January 5, 2024, 4:53pm

I have a computer with an AMD Radeon RX 5600 XT, so I’ll try it on that one. The password is 12 characters long, but I remember the characters I used, just not the sequence. I’m guessing that if I input those characters, it’ll make the job easier?

keybreak · January 5, 2024, 5:04pm

Yep, much better.
If you can limit to specific characters it will be faster, although 12 characters still would take a lot of time, prepare not to turn off your PC

Basically you should extract hash from .7z file and then hashcat that hash until it’s brute-forced…

grgaud1 · January 5, 2024, 5:09pm

Cool, I’ll try that. Thx.

keybreak · January 5, 2024, 6:11pm

Oh, and btw, if you 100% sure it’s 12 characters - set hashcat to strictly brute-forcing 12 characters length, it will skip unnecessary steps between 1 and 11 which would take a lot of time as well, and will do only what you actually need

I0F · January 6, 2024, 8:48am

Keep us updated. I would be interested to see if it worked!

keybreak · January 6, 2024, 8:59am

I assure you eventually it will…
With a balance between powerful GPU(s) and patience of Buddhist monk (since it’s 12 characters).

You can test it yourself easily by creating some 2 characters password in .7z and brute-forcing it, it will be very fast.

Kresimir · January 6, 2024, 9:39am

This is actually a great exercise before attempting any serious password cracking.

Make an archive with a simple password (say three lowercase letters), extract its hash with some perl script from github (inspect the script first so you can be sure there’s nothing fishy), and try to brute force it with hashcat. You’ll learn a lot from the exercise.

Zircon34 · January 6, 2024, 2:15pm

seems @Kresimir and @keybreak are some kind of secret agents, anarchists, cyberpunk or something

keybreak · January 6, 2024, 2:17pm

No no no…we would never do anything like that!

honka_animated-128px-35

P.S. Special agent assigned to me would certainly not approved that!

Zircon34 · January 6, 2024, 2:19pm

cyberpunk clown animation

keybreak · January 6, 2024, 2:21pm

@Kresimir right now:

Zircon34 · January 6, 2024, 2:29pm

oh this video is blocked in the US…copyright something. need to hack it. can only watch the older version.

Kresimir · January 6, 2024, 3:31pm

incognito_72

grgaud1 · January 6, 2024, 6:05pm

Actually, I didn´t have to use hashcat or John. I tried a few more times to input the characters I remembered and I got the right one. I then saved it with another pw I know well (15 char.) and one I have written down.
I found hashcat and John quite complicated to use, so this is why I gave it another try. My thanks to all of you who contributed.