
Advanced ZIP Password Recovery 2.0 
==========================================
(c) 1998 Elcom Ltd (V.Katalov, A.Malyshev)


Contents
--------

  Description
  Requirements
  Usage
  Known bugs and limitations
  Future enhancements
  Registration
  Technical support
  Where to get the latest version


Description
-----------

This program (Advanced ZIP Password Recovery, or simply AZPR)
can be used to recover your lost password for ZIP archive. At
the moment, there is no known method to extract the password
from the compressed file; so, the only available methods are
"brute force" and dictionary-based attacks.

Well, there are a lot of programs like this around, but
all of them have their own "pros" and "cons". Here is a brief
list of AZPR advantages:

- The program has a convenient GUI (Windows user interface).
- The program is very fast: up to 15 million passwords per
  minute (on Pentium-200/MMX).
- The program is customizable: you can set the password length
  (or length range), the character set to be used to generate
  the passwords, and a couple of other options.
- Dictionary-based attack is available.
- The maximum password length is not limited (in registered
  version).
- No special virtual memory requirements.
- You can interrupt the program at any time, and start from the
  same point later.

The next versions will have much more useful features, of
course.


Requirements
------------

- Windows 95 (any version), or Windows 98, or Windows NT 4.0 running
  on Pentium CPU
- 4 megabytes RAM
- less than 1 megabyte of hard disk space
- patience...


Usage
-----

The program is a windows application and have powerful
graphical user interface (GUI). You can run this program
from "Advanced ZIP Password Recovery" group created by
the installation program.

You have to select the following:

  Name of the file
  ~~~~~~~~~~~~~~~~
  Just the name of ZIP archive you'd like to get the password
  for. Use the "Browse" button to pick it from the list.

  Password length
  ~~~~~~~~~~~~~~~
  Maximum and minimum length of the password to verify.

  Type of attack
  ~~~~~~~~~~~~~~
  Brute-force or dictionary attack. You can select both of those;
  if the dictionary attack (which is much faster and executed first)
  fails - brute-force attack will be performed.

  Brute-force range options
  ~~~~~~~~~~~~~~~~~~~~~~~~~
  Instructs the program what characters have been used in
  the password), if you have this information. You can choose
  from all capital, all small letters, all digits, all special
  symbols; or just all printable (includes all of the above).
  In addition, you also can define your own charset. Just
  click a checkbox "Custom charset" and "Define" button. In
  appeared dialog box enter all chars of your password range.
  For example: if you remember that your password was entered
  in the bottom keyboard row ("zxcv...") - your password range
  will be "zxcvbnm,./" or in caps: "ZXCVBNM<>?". You can also
  define the both of these: "zxcvbnm,./ZXCVBNM<>?".

  Start from password
  ~~~~~~~~~~~~~~~~~~~
  This option may help if you know what the first character of
  the password is. For example, if you're sure that the small
  letters have been used (from 'a' to 'z'), the length is 5, and
  the the password definitely starts with 'k', than type 'kaaaa'
  here. Please also note, that if you press the "Stop" button
  when AZPR is working, the program writes the current password
  to this window ("Start from password"). It can be used later
  to restart the program from the same point.

  Dictionary options
  ~~~~~~~~~~~~~~~~~~
  Simply select the desired dictionary file. In addition, you can
  select an option "Try to capitalize first character" or "Try
  to capitalize all characters" -- it may really help if you're
  not sure about the register the password has been typed in.
  For example, for the word "password" (in dictionary), the
  program will also try the "Password" (if the first option is
  checked), and "Password", "PaSsWoRd" etc (if the second one is
  checked).

  The small, but really effective dictionary is included into
  AZPR distribution: "english.dic" (about 27,000 words). Some
  other very good ones are available at:
    ftp://sable.ox.ac.uk/pub/wordlists/
    ftp://ftp.cdrom.com/pub/security/coast/dict/wordlists/
    ftp://ftp.cdrom.com/pub/security/coast/dict/dictionaries/
  Also, please have a look at our "Password Recovery Software"
  page -- you'll find a few dictionaries, wordlists and dictionary
  generators there, as well as the links to related sites:
    http://www.elcomsoft.com/prs.html

  Priority
  ~~~~~~~~
  Normal or high. If you want to start AZPR as "background" process
  -- you have to select "Normal". If you want to increase the
  performance -- please select "High", but it will decrease the
  performance of all *other* applications running on your computer.

  Save and Read setup
  ~~~~~~~~~~~~~~~~~~~
  You can save you current AZPR setup into specified INI-file.
  When you press the "Save setup" button, the "Save file" dialog
  appears. Just select an INI-file name (e.g. "myarch.ini"), or
  select an existing INI-file for overwriting. You can read your
  setup later -- simply press a "Read setup" button.

  AutoSave
  ~~~~~~~~
  If you'd like AZPR to save its state perodically, please check
  the appropriate option, and select the time (in minutes). If
  you'll do that, AZPR will create (and update) a restore file
  "~azpr.ini" (in the same folder where "azpr.exe" is located;
  similar to one created when using the "Save setup" button), and
  even if your computer will stop resonding (or on power fail),
  you'll be able to restore breaking the password from the last
  saved state.

When (if) the password is found, the program shows it, as well
as the number of passwords which have been tested, and the
program speed:

'qwert' is a valid password for this file
Processed 1760765 passwords
time = 22 second(s)
speed = 80034 passwords/second

If all possible passwords (in the given range) have been verified
without success (so the valid one has not been found), the
message is:

Password not found in specified range
Processed 256976 passwords
time = 1 second(s)
speed = 256976 passwords/second

If you stopped your recovery by pressing a "Stop" button - the current
step of brute-force is saved in "Start from" field. Now you can
press a "Start" button again and recovery will be continued from
this step.


Known bugs and limitations
--------------------------

- When files in archive are "stored" (no compression, just
  encryption) -- the performance reduces significantly, because
  it requires to decrypt the whole file.
- If the archive contains two or more encrypted files, the
  program will assume that all of them are encrypted with the
  same password.


Future enhancements
-------------------

We know that the program could be improved, and here are some
facilities we're going to implement:

- Ability to select the password mask using regular expressions.
- Selecting particular file (in archive) to crack.
- Running as a service under Windows NT.
- "Known plaintext" attack.
- Working on SMP systems (when more than one CPU is available).
- Network Password Recovery
- Further performance optimizations.

If you have any ideas how the program can be improved, please
don't hesitate to contact us! Your comments are very appreciated.


Registration
------------

This program is distributed as shareware (look at "license.txt"
for details). Being unregistered, it does not allow to set the
maximum password length (it is always 5).

After you register (look at "order.txt" for details), we'll
send you your personal registration code. You'll just have to
click the "Register" button; the program will open the input
window to enter the registration code; after you do so (you can
use cut'n'paste to avoid typing errors), it will have the full
functionality.

Please note that your registration will be valid for all future
versions of AZPR -- so, all upgrades (minor and major) are free
for registered users.


Technical support
-----------------

For technical support, please contact us at support@elcomsoft.com.
In the subject of your mail, please write "AZPR x.y" (where x.y
is the version number), followed by "problem", "suggestion" or
whatever.


Where to get the latest version
-------------------------------

The latest version of AZPR is always available from our
web page at http://www.elcomsoft.com/azpr.html.
