Kasper: Stuffit 5 Password Recovery

I don’t profess to be an expert programmer or a skilled security researcher, but I’ve spent a lot of time over the last dozen-plus years working on recovering old passwords in StuffIt archives. StuffIt was the popular compression tool for Mac users until the Mac OS X era, when it was overtaken by the standard ZIP format (and the price per gigabyte of storage reached a point where compression just wasn’t as critical). You can still purchase StuffIt Deluxe 2011 for both Windows and Mac, but for most people there will never be a need.

[Figure: Kasper logo]

A few years ago, I wrote an application called Kasper that used the native StuffIt Deluxe command line tools to brute force an archive’s password using a wordlist. This was, to put it bluntly, an exercise in watching paint dry: 35 words per second, sped up to about 435 words per second with the SDK (which needs to be licensed). While I was successful in getting access to a simple four-letter dictionary word password, it was clear that the speed at which the tool ran (even on modern machinery) was not going to deliver results.

[Figure: File-Comparison-blog (hex editor comparison of archive headers)]

By running a similar script that, rather than breaking a single archive, just created thousands of archives with varying passwords, I was able to find out that, thankfully, the StuffIt 5 password scheme always hashes a given password to the same 10-hex-digit (40-bit) value. With that knowledge I could build a Rainbow Table: a task that would take a large amount of time the first run through, but would then be searchable afterwards.

[Figure: pw (screenshot of a recovered password)]

Even with that, the wordlist would be extravagantly huge (almost 66GB when compressed with gzip for every possible 5-character password). Thankfully, the author of the excellent unarchiving utility The Unarchiver provided enough data on his site for a non-programmer like myself to recreate the password hashing algorithm in Perl. Using that data, it was easy enough to write a 20-line script to hash a password and compare it to the defined password hash. Speeding this process up was the maskprocessor utility from the hashcat password recovery suite. With this combination, the tool was able to recover a password in a little over half an hour after trying over a billion combinations (a rate of almost 500,000 words per second), with the ability to run as many attempts at once as your machine can handle. A dual-processor, quad-core machine can easily run 8 instances at once without taking a hit, allowing one, for example, to grind out 1-8 character passwords at once.

[Figure: Hash-Collisions]

An interesting find from one of the first passwords recovered this way was when the user told me that he was positive the recovered password (the aam?$Qk one from the earlier screenshot) was not his original password. Obviously hashing algorithms can have collisions, and the double hashing to a 40-bit length that this algorithm uses certainly makes them possible. Another user provided me with almost 700 archives with passwords; running the script against all of these archives for a few days (on only 5 possible characters) recovered a few passwords that were hash collisions. Both the original password and the collision hash to the same value, and therefore both work to decrypt.
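As an added example (not the Kasper script, and not The Unarchiver's code), the Python below shows the shape of the search described in the three paragraphs above: maskprocessor-style candidate generation, a compare against a 10-hex-digit target, a run-time estimate at the post's rate, and the birthday arithmetic behind the collisions. The real StuffIt 5 hash is deliberately not reproduced here; `stand_in_digest40` is a placeholder (MD5 applied twice, truncated to 40 bits) that only mimics the fixed-width property the post relies on. The charset letters follow maskprocessor's `?l ?u ?d ?s ?a` notation, but the parser, the function names and the sample target are my own assumptions.

```python
import hashlib
import itertools
import math

# Stand-in 40-bit digest. NOT the real StuffIt 5 password hash (the post rebuilt
# that one from The Unarchiver author's notes); it only reproduces the property
# the search depends on: every password maps to a fixed 10-hex-digit value.
def stand_in_digest40(password: str) -> str:
    first = hashlib.md5(password.encode("latin-1")).digest()
    second = hashlib.md5(first).digest()   # "double hashing", then truncated to 40 bits
    return second[:5].hex()

# maskprocessor-style charsets (same ?l ?u ?d ?s ?a letters as the hashcat tool;
# this is a hypothetical re-implementation of the notation, not the tool itself)
CHARSETS = {
    "l": "abcdefghijklmnopqrstuvwxyz",
    "u": "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
    "d": "0123456789",
    "s": " !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~",
}
CHARSETS["a"] = CHARSETS["l"] + CHARSETS["u"] + CHARSETS["d"] + CHARSETS["s"]  # 95 chars

def parse_mask(mask: str) -> list:
    """'?l?l?d' -> one alphabet per position; a bare character is a fixed position."""
    positions, i = [], 0
    while i < len(mask):
        if mask[i] == "?" and i + 1 < len(mask) and mask[i + 1] in CHARSETS:
            positions.append(CHARSETS[mask[i + 1]])
            i += 2
        else:
            positions.append(mask[i])
            i += 1
    return positions

def keyspace(mask: str) -> int:
    """Number of candidates the mask expands to."""
    return math.prod(len(p) for p in parse_mask(mask))

def candidates(mask: str):
    for combo in itertools.product(*parse_mask(mask)):
        yield "".join(combo)

def recover(target_hex: str, mask: str, stop_at_first: bool = True) -> list:
    """Every candidate under `mask` whose digest equals the target. With
    stop_at_first=False the scan continues, which is how colliding passwords
    (different strings, same 40-bit value) are found alongside the original."""
    hits = []
    for pw in candidates(mask):
        if stand_in_digest40(pw) == target_hex:
            hits.append(pw)
            if stop_at_first:
                break
    return hits

def eta_seconds(mask: str, rate_per_sec: float, workers: int = 1) -> float:
    """Worst-case wall time for an exhaustive run, e.g. at the post's ~500k/s per process."""
    return keyspace(mask) / (rate_per_sec * workers)

def expected_false_hits(mask: str, archives: int, bits: int = 40) -> float:
    """Expected number of archives whose target is matched by an unrelated
    candidate, modelling the digest as uniform on `bits` bits:
    P(at least one of N candidates equals a fixed target) = 1 - (1 - 2^-bits)^N."""
    n = keyspace(mask)
    p_hit = -math.expm1(n * math.log1p(-2.0 ** -bits))
    return archives * p_hit

if __name__ == "__main__":
    target = stand_in_digest40("ab1")                 # constructed "archive" target
    print(recover(target, "?l?l?d"))                  # ['ab1']
    print(keyspace("?a?a?a?a?a"), "candidates for every 5-character password")
    print(round(eta_seconds("?a?a?a?a?a", 500_000, 8) / 60, 1), "minutes with 8 workers")
    print(round(expected_false_hits("?a?a?a?a?a", 700), 1),
          "expected collision hits across 700 archives")
```

The last figure is the useful one for reading the collision paragraph: scanning all 95^5 five-character candidates against a 40-bit target gives each archive roughly a 0.7% chance of an unrelated match, so across 700 archives a handful of collision "recoveries" is what the arithmetic predicts, which is consistent with what the post observed.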

[Figure: StuffitTypesStuffitXIcon-blogs (StuffIt file type icons)]

Unfortunately, this solution only works for StuffIt archives from the version 5 days, which on a Mac OS 9-era machine would look visibly different from a StuffIt 4 or 1.5.1-era file. The StuffIt 5 format came before the barely-used StuffIt X format, but after the very well established StuffIt 4 format. StuffIt 4 files are particularly nasty as they utilize both a data fork and a resource fork on the Macintosh, meaning that transferring the file to a Windows PC almost guarantees data loss and corruption. For super ancient StuffIt 1.5.1 or earlier archives, which would date from the early 1990s, there is a rather easy resource fork hack to replace the password. Someday I hope to have a solution for StuffIt 4 that doesn’t involve using the incredibly slow StuffIt Deluxe CLI tools (which also require a registered copy of StuffIt Deluxe). Most likely it will come after a breakthrough by the author of The Unarchiver that I can translate into a simple script.

22 thoughts on “Kasper: Stuffit 5 Password Recovery”

  1. I HAVE A SITX ENCRYPTED WITH PERSONAL DATA, 474 MB OF PHOTOS, PASS 8 CHARACTERS NUMBERS AND LETTERS . I CAN SEE IN THE HEX EDITOR

    StuffIt!°6˜‹
    ¢¢+ªÖ*+±Rõµ∂õπ¢õ{#¨
    õ∞fõe#‹õi#Ñ
    õ€FX*õq#LõÎF∏UõÛF+õ˜çp≠õ`#ú+õ≈FxØõ…F*õõç∞®õ—FòTõ´çpSõ≥ç0™õw·™õ·F8´õÀçÆõ”ç0¨õ∑·≤+«ª·¥õ◊{fiVõÁ{é+õÔ˜8ºÆõ¿áÁõÖ=flWõâ=Å
    õ{*õë=õ+{nTõ3{F*õwˆ8\©õ°=g*õK{fi©õS{Ü*õ∑ˆ8\™õc{NU+ØÌÜ∑*õÁˆµp¨õÔÌk·µ
    õ¡}-<Wõã˚Z¯^õì˚Z¨õ7˜µp±õ£˚Z8YõW˜µfõg˜µp¥õÔÓk·’
    õ√˚Zx∂õó˜µ›
    õߘµp∏õoÔk·Â
    õ«˜µtõØÔk·€õœÔk·Ò
    õflfl◊¬◊++ª·Ûõ~øõ *õ6 ,®õ&Tõ+6 ‹Põ3

    CAN YOU CONTACT ME PLEASE

  2. Hello,

    I’ve read about kasper a few times. I have a .sitx file that I made in 2010 that I can’t remember the password. It is a .sitx file. Can you help?

    1. SITX files currently have no method of attack other than raw brute force. Unfortunately, brute force speeds are in the hundreds (versus millions or billions) of tries per second. At that speed, recovery is only possible if you are quite certain of your password and just need some twiddling to find the actual password (as in, change cases, swap numbers for letters, etc.).

      A raw attack would take forever. Do you believe you have an idea of the original password?

    1. Absolutely!

      For anyone, any .sit files you have please comment or contact me and we can extract the hash for Stuffit 5 (which we’ll definitely break) or the MKEY for Stuffit 4 (which we can hopefully break… today or someday). If you comment with an email address with your name, we can keep your email address private 🙂

  3. Hi Greg,

    I have an old Stuffit Archive from 2000 which I’d love to get back in to. Is there any chance you could walk me through using your script?

    Much obliged!

    Aaron

    1. Hi!

      I do a few password recoveries a year, and it makes me very happy to help.

      The easiest way to get a Stuffit Password back is to extract the hash and send it to me. This doesn’t expose any data, just the key. I believe I confirmed that an .SEA and a .SIT from that era are really just the same thing, but we may have to get deeper. Anyone can email me at bobkiwi AT mac DOTCOM (or gmail) to talk to me.

      The hashes are locatable with a hexeditor as seen in this pic (at http://i2.wp.com/kiwidget.com/wp-content/uploads/2013/03/File-Comparison-blog.png ) – always stuck between 00-05 and the A5-A5-A5-A5 characters.

      If you can get me that, that’d be great! I should be able to get some password candidates.

      If you don’t see that, please send me the view you get. If it’s Stuffit 4, we’ll have to follow up. For Stuffit 5 this can be done on Windows or Mac OS, but Stuffit 4 we need to be careful of data and resource forks.
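As an added example (my own code, not Kasper and not anything from the reply above), here is the check the reply describes for a Stuffit 5 file: find the `A5 A5 A5 A5` marker and take the bytes sitting between the last `00 05` pair before it and the marker. The header layout is assumed only from the reply's description, the `SAMPLE_HEADER` bytes are constructed and the hash value in them is made up; the function reports the slice so the reader can confirm it is the 10-hex-digit value the post expects.

```python
MARKER = b"\xa5\xa5\xa5\xa5"   # marker named in the reply above
PREFIX = b"\x00\x05"           # bytes the reply says precede the hash

# Constructed sample, NOT a real archive: filler, 00 05, a made-up 5-byte hash,
# the marker, then some filler standing in for the rest of the archive.
SAMPLE_HEADER = (
    b"SAMPLE" + b"\x00" * 10
    + PREFIX
    + bytes.fromhex("0123456789")
    + MARKER
    + b"\x00" * 8
)

def locate_hash(data: bytes):
    """Return (offset, hex_string) for the bytes between the last 00 05 before the
    first A5A5A5A5 marker and that marker, or None if either is missing.
    Caveat: if the hash bytes themselves happen to contain 00 05, the slice
    comes out shorter than 5 bytes, so always check the length of the result."""
    end = data.find(MARKER)
    if end < 0:
        return None
    start = data.rfind(PREFIX, 0, end)
    if start < 0:
        return None
    start += len(PREFIX)
    return start, data[start:end].hex()

def hash_from_file(path: str, header_bytes: int = 4096):
    """Read only the start of the file; the reply says the hash sits in the header."""
    with open(path, "rb") as fh:
        return locate_hash(fh.read(header_bytes))

if __name__ == "__main__":
    found = locate_hash(SAMPLE_HEADER)
    print(found)   # (18, '0123456789')
    if found and len(found[1]) == 10:
        print("10 hex digits found at offset", found[0])
```

A result that is not exactly 10 hex digits means the file is either not a Stuffit 5-era archive or the `00 05` landmark is not immediately before the hash in that file, and the hex-editor view should be sent along as the reply suggests.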

    1. That .pl was the Perl version of Kasper, so basically it was encoding password candidates with the MD5 algorithm used by Stuffit 5 and then it would quit whenever a match to a predefined hash was found. Why I called it md5_dump I’m not too sure, but nowadays it’s just called Kasper.exe. It’s a lot more understandable now for me than those days!

  4. Hi Greg
    Some time ago I asked for help with a SITX file. At that time you did not have time and I understood. The problem is that for 1 year I have suffered a neurodegenerative disease that is making it very difficult to walk and write on the Mac keyboard. That file contains images of the happiest time of my life that I would like to see while I can, but I know it is not easy to recover a password.
    Could you send a screenshot of the hex file to find the hash and see if you can help me? Thanks in advance
    Sergio

    1. Sergio, I still have your emails from back in January 2014. Since 2014, recovery of Stuffit 4-era passwords is on paper 50% possible within an acceptable amount of time, also only needing a picture of the hex file’s hash.

      Stuffit X-era files do not operate under the same logic. I’ll reach out to you via email to discuss what options we may have.

  5. I have this stuffit file from the late 90’s, not sure what version though (the file is sitting on a PC). The header is [SIT!….∏˛rLau.’..cæÒPçç.Image 001.] (Image 001 is the name of one of the files). Any idea where to find the hash?

    1. That header aligns with a Stuffit 4 era file.

      The hash is located in the MKEY entry in the Resource Fork. However, the resource fork is only kept on a Macintosh, or if it is stored in a compressed format that saves the resource and data fork (like Stuffit 5 or newer).

      If you have the file, try to open it in a resource fork aware hex editor like 0xED on Mac OS X. If there is no resource fork, you are in trouble. Try to see if you have a copy of the archive on perhaps an old Mac OS formatted disk.

      Let me know if you need any help!

        1. Oh, you were successful in finding the MKEY resource! That’s great. I’ll have a go at it.

          I haven’t made a direct post on the caveats for Stuffit 4, but my challenges are that there will be false positives (and unlike Stuffit 5, only the real password works and not other hash hits), that the logic only works for passwords up to 8 characters (9 characters or more I can’t get working), and speedwise it will take a full week just to try all combos for 6 characters.

          But I will give it a try and keep trying to improve things with time. Please hold out hope! And if you have any ideas about your passwords length, whether it was all lower or mixed lower and upper characters, had numbers, symbols, etc. let me know. I’ll knock out a run of lower, upper, numbers, and symbols up until 6 characters over the next week.

          My good old Mac Pro 2007 (at 3GHz) runs at about 1.1 to 1.2 million tries a second. I’d love to get a 5GHz machine nowadays. I’ve benchmarked a 3.4GHz i7-2600 at 40% faster. I’m hoping an eventual 5GHz machine will run at two to three times the speed (with even more if I used the Intel compiler).

          1. The file name seemed to be a clue of what the password was. And based on when I did it, most likely to be one word, all lowercase, no spaces, no symbols and 8-10 characters

        2. Okay, with your information about what you think you recall the password being… let’s give this one that really stood out to me a try: “stapler”

          Best of luck!

          1. Yeah, that got into it. Even though it was 18 years since I opened it, it was pretty much what I assumed it was… a few embarrassing photos. Oh well, at least I know what it is now;)

            Thanks for all the help!

            FYI, the file was called “papr.sit”; as soon as you said “stapler” I knew that’s what it was

  6. I found some old .sit files from 2002. I thought I could remember the password if I worked through it for a while. None of my attempts worked for me. Are you looking for more passwords to crack?

  7. Hi Greg,
    Are you looking for .SEA files to decrypt? I have a Stuffit .SEA file probably made in 2001 or 2002. It’s probably a Stuffit 5-era file, as I believe I found the hash in a hex editor. I’m not sure if it works the same as a .SIT file though. Many thanks!

    1. Absolutely! I’ve found SEAs to be pretty much the same as SIT files, so I’m expecting a win if it’s Stuffit 5 era. I’ll reach out to you to get the hash, and hopefully it’ll be cracked by the end of the week!
