10-09-2014, 03:30 PM
RAR archives do not contain a password hash. Rather, the password supplied by the creator is passed through a password-based key derivation function, which is used to generate an encryption key. The RAR archive is then encrypted using this key.
To validate that you have a correct password, you will need a known plaintext-ciphertext combination. You will pass each password candidate through the key derivation function, and use the resulting key to decrypt the ciphertext. If the decrypted ciphertext matches the known plaintext, then you know you have found the correct password.
This is not only true of RAR, but of all "non-hash" formats.
To validate that you have a correct password, you will need a known plaintext-ciphertext combination. You will pass each password candidate through the key derivation function, and use the resulting key to decrypt the ciphertext. If the decrypted ciphertext matches the known plaintext, then you know you have found the correct password.
This is not only true of RAR, but of all "non-hash" formats.