I want to make a bruteforce rar password cracker, just for practice. I know that it's easy to google for programs that already do this, but I want to make one myself.
Can anyone tell me how can I check if a string is a correct password for a rar file?
Essentially impossible, because you do not know what you are looking for. If you have the exact copy of the archived contents you can try to only get the password, so you would get encrypting code, and just decrypt every brute forced password and compare it to the original.
Essentially impossible, because you do not know what you are looking for.
I'd imagine you are looking for a valid CRC.
Archives typically (if not always) verify the integrity of the decompressed file with some kind of CRC or hash. To brute force a password, you'd have to:
1) pick a password
2) attempt to decompress a file using that password as a key
3) If decompression chokes, it's the wrong password.
4) If it doesn't choke, do a CRC/hash of the decompressed data.
5) verify hash matches the hash specified in the archive
6) On a match, you've found the password! On a mismatch, you have the wrong password.
You'll have to find some documentation on rar archives and their compression methods. A proper file format spec should explain everything you need to know.
EDIT:
After a quick google search I stumbled upon this doc which seems to lay out the file format, but does not explain the compression algorithm. For that it defers to external source code: