Does anyone out there know of a way to brute force values at a particular offset in a file? It's 4 consecutive bytes which would need to be brute forced. I know the correct SHA-1 of the corrupt file. So, what I'd like to do is compare the complete file SHA-1, each time it changes the byte value.
I know the exact 4 bytes which were changed, because the file was given to me by a data recovery expert, as a recovery challenge. For those who are interested in knowing, the rar file has 4 bytes which were intentionally changed. I was told the offsets of the changed 4 bytes and the original SHA-1. The person said it's IMPOSSIBLE to recover the exact file in the archive once the 4 bytes were changed. Even if it was only a few bytes and you knew exactly where the corruption was located. Since it doesn't have a recovery record. I'm trying to see if there is a way for those particular 4 bytes to be filled in correctly so the file will decompress without error. The file size is around 5mb.
Example:
I uploaded photos so it's more clearly defined of exactly what I'm looking to do. I believe someone can post them here for me with more rep.
The example offset I'm focusing on is 0x78
where the first pic shows the value as CA
I want the script to the take the value up by 1 so it becomes CB
as shown in the second pic. I want it to keep increasing the value by 1
and then compare the whole file SHA-1 each time. Only making changes to those 4 bytes at the specified offset.
It will try CAC5C58A
and compare the SHA-1. If doesn't match, then it will try CBC5C58A
.Then once the first value reaches FF
it will then go to 00C6C58A
and so on. Basically, I would like it to be able to go from 00000000-FFFFFFFF
but to also have the option to choose where you want it start and end. I know it could take some time but I would still like to try it. Keep in mind I know the exact offset of the bytes which are corrupt. I just need the correct values.
If you search on Google: "How to fix a corrupted file by brute force" There's a person that wrote a Linux program. However, it only works against the files included with the program. I'm looking for some way to use the same process with my file.