[Polpolion]

Is there a better way of doing it?

AFAIK, the only other method is dictionary, and I have yet to find any dictionary to give me any results.

[Akalabeth Angel]

    What kind of goofball password protects his backup disks anyway.

[FUBAR-BDHR]

If anyone has a decent utility to do it I could set up half a dozen fast computers to work on it round the clock. 

[phreak]

Using phreak's QX6850. (I think that's what he means)

even with a qx6850 it would take a few years to brute force 8 characters.  Not to mention that the zip cracks are not multithreaded so it's only going to use 25% of my cpu no matter what.  Winzip has a nice known-plaintext vulnerability that should recover passwords "instantly", but we need to know part of the unencrypted output.

[Gamma_Draconis]

Wow, this is like a lost treasure chest. It even has a locked chest!

Since the music isn't locked, could you upload them for the community to hear?

[Mobius]

Is the campaign SCP compatible? Please inform the FSCRP as soon as you crack the password

[Bob-san]

I've tried a good bit of brute-forcing already. I estimate it's up above 300 billion passwords by now. I tried a "stupid" brute-force (lower-case letters and numbers) last night--racked up over 80 billion passwords in an hour. For the past 2 hours and ~40 minutes, I've been brute-forcing it with all standard combinations. I have two computers running 3 attacks right now... my E2140 @ 3.25GHz is running a brute-force attack and an Xieve attack while my PII @ 400MHz is running an extended dictionary attack.

I'm guessing it'll take quite a while to break, but I'm hopeful that it's within a few days that I have a password for you.

Do you happen to have any part of that archive that's not protected? I could get a password much faster if you have, for example, the readme file unencrypted.

[Tinman]

and for a dictionary attack, the native language of the one that compressed/archived the file would be helpful

[Tyrian]

I've got a good amount of experience with password cracking.  I'll grab the archive and do some research on it.  I'll message a few of my contacts on the darker side of the net's to see what I can find out.

EDIT:  Do you have a time stamp for when this was password protected?  Anything would help, even if it was just the year.

[Bob-san]

2001. IF you DL the archive you can see the packaging times and all.

[Goober5000]

This file had to have been made in 2002, since there's a 2002-dated archive inside it.  And it looks like it was made with something called ZipCrypto.  See the attached screenshot.

Do you happen to have any part of that archive that's not protected? I could get a password much faster if you have, for example, the readme file unencrypted.

Winzip has a nice known-plaintext vulnerability that should recover passwords "instantly", but we need to know part of the unencrypted output.

The zip contains a .fs2 file and a file called ships-tbl-entry.txt, so that gives you a bunch of strings you can search for right off the bat:

#Mission Info
This is a FRED created mission (if they didn't change that)
#Plot Info

$Allowed Dogfight PBanks:
$Expl Propagates:
$Max Oclk Speed:

etc.  How much unencrypted text do you need?

[attachment deleted by admin]

[colecampbell666]

No, ZipCrypto is the encryption method for .ZIP files.

[Clawandfang]

This is making my head spin.... if everyone brute-forced, couldn't we seriously cut down that time? Even if everyone did it for just a few days...

[colecampbell666]

Yeah, make it a community project. It could be our Folding@Home.

[haloboy100]

Would that be possible?

[Tyrian]

We'd need to set up a network of all our machines to make it work efficiently.  Or else, everyone would be overlapping when it came to a brute force attack.

[Bob-san]

I'm up well over a thousand billion passwords now--I've not looked at the system for an hour or so now, so I'll leave the system running until 10-11PM tonight.

As for decoded plaintext, a whole file is the best. I'll try injecting an unencrypted file into the mix and see if that has any results (I highly doubt it will). So far I've been brute-forcing using Zip Key from Passware--using all capitalized and lower-case letters, numbers, symbols, and spaces. I should be up to 8 characters now--the max that Passware would let me run. I did a 1-8 character attack. On the same computer I'm doing a Xieve attack which is going up to 14 characters.

Try to get into contact with the creator--any lead we can get on the length will be appreciated--meaning number of characters, type of characters, and possibly a copy of a file. I realize that it being made in 2001 is a daunting task...

[haloboy100]

This feels epic

[phreak]

This file had to have been made in 2002, since there's a 2002-dated archive inside it.  And it looks like it was made with something called ZipCrypto.  See the attached screenshot.

The zip contains a .fs2 file and a file called ships-tbl-entry.txt, so that gives you a bunch of strings you can search for right off the bat:

#Mission Info
This is a FRED created mission (if they didn't change that)
#Plot Info

$Allowed Dogfight PBanks:
$Expl Propagates:
$Max Oclk Speed:

etc.  How much unencrypted text do you need?

The minimum known plaintext is 13 bytes.

I was using the following since it was the largest chunk of text i could find in a normal FS2 mission that doesn't seem to be modified at all:

#Plot Info

$Tour:  XSTR("Blah", 6)
$Pre-Briefing Cutscene: Blah
$Pre-Mission Cutscene: Blah
$Next Mission Success: Blah
$Next Mission Partial: Blah
$Next Mission Failure: Blah

Unfortunately it didn't find anything...

[Bob-san]

You need a complete file to match--and it has to be in the Archive. I'll try a "Sure-Zip" attack tonight--probably stop the Xieve attack and see if an hour using Sure-Zip will really break the password--if it was made with a pre-WinZip 8.0, I should have success in an hour.

EDIT: Just tried Sure-Zip--absolutely no success. It's a non-WinZip file, so it's incompatible. Can you look through the other backups for a non-encrypted file? I resumed a heavy dictionary attack, Xieve attack, and normal brute-force attack