JAVA开发的短信收发程序

Ultra Zip Password Cracker v3.00 (c) 1998-1999 Ivan Golubev =========================================================== Contents ======== Description Requirements Usage Template attack National languages support Performance Known bugs and limitations Future enhancements How to register Special thanks Technical support Where to get the latest version Description ----------- Ultra Zip Password Cracker (or UZPC) can be used to crack (or recover) passwords for .ZIP archive files. There are many programs that are similar to UZPC, but UZPC has some advantages that others do not: - UZPC does complete password checking, i.e. if it finds a password, it can be relied on that this is a correct password. Some other program can give false passwords, especially if the archive contains less than three files. - UZPC supports three types of attack: "brute-force", dictionary based and a mix of "brute-force" and dictionary based, called a template attack. - UZPC is a very fast program. It is highly optimised for speed. On a Cyrix PR 233 system its performance is about 600000 password tests per second, when the archive contains three or more files. When an archive contains less than three files, the program performance degrades depending on the archive size. - UZPC can works with archives that contain files with different passwords. - UZPC has a user friendly GUI. - UZPC is customisable: you can set up the minimum and maximum password length, define the type of characters used in the password for a "brute-force" attack, and you can choose the method of modifying a test password from the dictionary file, for a "dictionary based" attack. - You can interrupt UZPC at any time and save the current cracking status. - UZPC shows you an estimate of the time remaining for a solution. - There is multi-lingual National language support, using simple text files. Requirements ------------ To run this program you need: - A computer with running Windows 95/98/NT. - About 100 kilobytes of free hard disk space. Usage ----- After starting UZPC, select the Task menu, choose New, then select the ZIP archive file that you want to process. In the next dialog box select the attack type to be used, and the files in the archive that are to be attacked, (or select that all files have the same password). If you have selected the "brute-force" attack, in the next dialog box define the characters to use in the password search, and the minimum and maximum password length. Then press the "Go" button. If you have selected the "dictionary based" attack, in the next dialog box enter the dictionary name and choose how to modify passwords found in the dictionary file. Then press the "Go" button. The program automatically recognises the line delimiter used in the dictionary file. It may be DOS <CR/LF> or UNIX <LF> or just a <CR> delimiter. For the "template attack" see the description below. The program is now working. It shows the current status. You can see the current password being tested, the average passwords tested per second, and the estimated time to reach a solution. The status information is updating every 5 (by default) seconds. At any moment you can interrupt the cracking process by selecting the "Task\Stop" menu item. Also at any moment you can save the current cracking status by selecting the "Task\Save" menu item. By default, UZPC will save the current cracking status in a file with an extension of .pcs, and with the same name as the ZIP archive file being processed. You can open this file later and continue the cracking process from the saved position. If you think that your system is not stable you can use the autosave function. Select "Options\Setup" and check "autosave every xx minutes". Note that if you start a new task with autosave "on" then you will be asked for the status filename when the autosave time comes (if you have not manually saved the status previously). Also you can change the time interval between status updates. However, we recommend that the update time interval be 5 or more seconds; if it is less than 5 seconds the speed of execution of the program will decrease by between 5% and 10%. If you think that UZPC takes up too much space on the task bar you can select "Options\Setup\Minimize to tray". When (if) UZPC find a password it stops working and displays the results. It shows the ZIP archive filename, files that has been attacked, the password for those files and the password length. Also UZPC saves the password in a file with the extension .psw, into the same location as the ZIP archive. Template attack --------------- A "template attack" is a mix of "brute-force" and a dictionary-based attack. It can greatly assist in the finding of a password if you know something about the password. The main idea of a template attack is to subdivide the password using known information. Each part of a template may be either some character set with a minimum and maximum length, or some word from a dictionary file. To understand how to use a template attack let's take some examples: I. I remember that the password starts with two digits (but I don't remember them), then I used from 4 to 6 lower case letters and maybe I used a special character at the end. So I select template attack and describe the template as: +----------+--------------+------------------------------+ | Position | Repeat Count | Description | | | min | max | | +----------+-------+------+------------------------------+ | 1 | 2 | 2 | Digits (0123456789) | | 2 | 4 | 6 | Lower case letters (abc...)| | 3 | 0 | 1 | Special symbols (!#$...) | +----------+-------+------+------------------------------+ Using this template UZPC starting to generate password from 00aaaa, 00aaab, 00aaac, ..., 00baaa, ..., 12adef$, ..., 21ivan$, ..., up to 99zzzzzz~. This template will be processed much faster than a "brute-force" attack that uses character sets "digits" + "lower case letters" + "special symbols", and with a minimum length of 6 and a maximum length of 9. II. Ok, let's look at the standard keyboard layout: 1 2 3 4 5 6 7 8 9 0 - = \ q w e r t y u i o p [ ] a s d f g h j k l ; ' z x c v b n m , . / Consider the case where I remember that the password for a file is, for example, "golubev". Suppose I incorrectly typed the password, so that in fact "golubev" is incorrect. Then, given that word, I know which parts of the keyboard I originally pressed, (or I've watched how another person typed in a password :-)). Using that incorrect password I can create the following template: +----------+--------------+----------------------------+ | Position | Repeat Count | Description | | | min | max | | +----------+-------+------+----------------------------+ | 1 | 1 | 1 | rtyfghcvbn | | 2 | 1 | 1 | 890iopjkl; | | 3 | 1 | 1 | iopkl;m,./ | | 4 | 1 | 1 | 678yuighjk | | 5 | 1 | 1 | fghjvbn and space | | 6 | 1 | 1 | 234wersdf | | 7 | 1 | 1 | dfgcvb and space | +----------+-------+------+----------------------------+ Using this template UZPC can find such passwords as "go;ubev" or "holubwv". III. Since I am smart enough not to password a file with only a simple word, I've used a more complex password, but I've forgotten that password! And, because I am so smart, the password cannot be recovered by a simple dictionary based attack (even using all available modifiers). However, I know th