- dotTech - http://dottech.org -

[Windows] Find lost or forgotten passwords for ZIP, RAR, and ACE archives with KRyLack Archive Password Recovery

2013-05-04_223929 [1]I’m sure we all have come across situations when we have forgotten or don’t know the password to a password-protected archive file. In situations like those, you can throw your hands up in defeat or you can try to crack the password. KRyLack Archive Password Recovery is a program that helps you do the latter. Let’s see if it is worth your time.

What is it and what does it do

Main Functionality

KRyLack Archive Password Recovery helps you find the password to password-protected ZIP, RAR, and ACE archives using brute-force, brute-force with mask, and dictionary attacks.

Pros

Cons

Discussion

2013-05-04_224435 [3]There are three ways KRyLack Archive Password Recovery allows you to find the password for ZIP/RAR/ACE archives: brute-force, brute-force with mask, and dictionary attack. All three methods involve guessing the required password but they go about the guessing in different ways.

Brute-force guesses the password by, well, brute-force. It cycles through possible password combinations using the characters you tell the program to use (which are numbers [0-9] lowercase Latin characters [a-z] and numbers by default but you can add in other characters, if you want). For example, let’s say the password to a ZIP is ‘cat123′. Brute-force will start from ‘a’ and keep on guessing until it hits ‘cat123′.

Brute-force with mask is like brute-force except it is for when you know parts of the password; brute-force with mask allows you to input marks of the password then use a mask to identify portions of the password you don’t know. Brute-force with mask then brute-forces the parts of the password you don’t know until it finds the right password. For example, let’s say the password for a ZIP is ‘cat123′. You happen to know the password has a ‘123’ at the end but you don’t know the beginning mark. With brute-force with mask, you can tell KRyLack Archive Password Recovery that the password is ‘???123′ (the ‘?’ is the mask) and KRyLack Archive Password Recovery will brute-force it until it finds ‘cat123′.

Dictionary attack is using a database or text file of words and testing those words to see if they are the password. By default KRyLack Archive Password Recovery comes with an English database but you can use your own text file if you want, such as if you want to guess passwords of a different language. You can also modify KRyLack Archive Password Recovery’s database in any text-editor (it is located in the program’s folder under Program Files), if so desired.

Now the question you are probably thinking: will KRyLack Archive Password Recovery find any and all passwords? Unfortunately, no.

As mentioned, what KRyLack Archive Password Recovery is doing is it tries to guess the password to a protected ZIP/RAR/ACE archive. If the password protecting the ZIP/RAR/ACE you want to crack is highly complex and long (e.g. a randomly generated 32-character password), chances are you will never find it. However, if a password is less complex and shorter, then you probably will guess it. There really is no way for me to tell you the percentage of times KRyLack Archive Password Recovery will successfully find a password; it all depends on the password being cracked.

On a similar note, the time it takes for KRyLack Archive Password Recovery to crack a password depends on the complexity and length of the password. For example, KRyLack Archive Password Recovery will find ‘cat123′ very quickly but will take longer for ‘cat123dog123′ because of the length. Again, I cannot provide a general timeframe for how long KRyLack Archive Password Recovery takes to crack passwords because it fully depends on the password being cracked. I can say this, though: KRyLack Archive Password Recovery appears to not make use of GPU while cracking, which means it will crack passwords slower than other crackers that make use of both CPU and GPU.

Finally, there is one oddity about KRyLack Archive Password Recovery that I want to point out: it supports password-protected ZIP archives (aka ZIP archives protected with ZipCrypto) but does cannot crack ZIP archives protected with AES 256-bit. How do I know this? I know this because I received an error message when trying to guess the password of a ZIP archive protected with AES 256-bit:

2013-05-04_224304 [4]
The issue here isn’t that ZIP w/ AES-256 cannot be brute-forced or dictionary attacked. ZIPs w/ AES-256 can be brute-forced and dictionary attacked just like other ZIPs (I know because I’ve done it with Appnimi All-In-One Password Unlocker [5]). The issue here is, for some reason, KRyLack Archive Password Recovery doesn’t support cracking ZIPs w/ AES-256. I don’t know about you but the lack of this feature is essentially a deal-breaker. Why? Because AES-256 if often used to protect a ZIP archive and if KRyLack Archive Password Recovery cannot crack it, then this program is half-useless.

Conclusion and download link

Overall, KRyLack Archive Password Recovery is not a bad program. It isn’t something exceptional, but it isn’t too bad either. However, unfortunately, KRyLack Archive Password Recovery’s lack of support for ZIPs protected with AES-256 basically kills the deal. You are more than welcome to grab KRyLack Archive Password Recovery if you want, but I don’t recommend it. Why spend $29.95 if you aren’t getting full functionality.

If you want to learn how to crack/open/unlock password-protected or encrypted ZIPs, RARs, PDFs, XLSs, or XLSXs files, I’d recommend reading dotTech’s guide on how to crack, open, or unlock password protected or encrypted ZIP, PDF, RAR, XLS, and XLSX on Windows for free [5].

Price: $29.95

Version reviewed: 3.45.58

Supported OS: Windows

Download size: 3.8 MB

VirusTotal malware scan results:

Is it portable? No

KRyLack Archive Password Recovery homepage [6]