Stuffit self extrac...
 
Notifications
Clear all

Stuffit self extracting compressed file - password....

7 Posts
3 Users
0 Likes
721 Views
 Andy
(@andy)
Posts: 357
Reputable Member
Topic starter
 

I need to crack a password/phrase protected 'stuffit' self extracting .exe file, on a Windows XP box. None of my usual stuff (PRTK, etc) will work with it. Any ideas?

Andy

 
Posted : 12/04/2005 2:38 pm
(@gmarshall139)
Posts: 378
Reputable Member
 

Andy,

Were you able to recover any passwords from the registry? Or maybe from the pagefile if you don't find any there. My best chance of success is usually from recovering as many other passwords as I can and just trying those.

 
Posted : 12/04/2005 9:39 pm
(@lonelywolf)
Posts: 31
Eminent Member
 

oh from tha pagefile?

interesting, how someone could retrieve password (and other useful information) from it?
Is there some tool that perform pagefile "parsing" or "interpreation"?

 
Posted : 12/04/2005 10:07 pm
(@gmarshall139)
Posts: 378
Reputable Member
 

Searching the pagefile is really like searching the unallocated space. Data has to be carved out, but you can find a lot there. It can be parsed with any good forensic tool.

 
Posted : 12/04/2005 11:11 pm
 Andy
(@andy)
Posts: 357
Reputable Member
Topic starter
 

Thanks

Andy

 
Posted : 13/04/2005 12:01 am
(@lonelywolf)
Posts: 31
Eminent Member
 

Hi greg,
this thing of pagefile it's really interesting for me..
but you have to perform the pagefile analysis "offline" or you can do it with os in execution?

Thanks

Lonely Wolf

 
Posted : 13/04/2005 12:46 am
(@gmarshall139)
Posts: 378
Reputable Member
 

You can't access the pagefile of a live system. I'm speaking of a forensic analysis of a system. You can search it manually for file headers, text, etc. Or use something like FTK's data carving feature or Encase Enscripts.

 
Posted : 13/04/2005 1:17 pm
Share: