On our example the results would look like this. This can be done through a python script called office2john.py (hint: you can use the hashes extracted through this script also with john the ripper). Our first move would be to acquire the hash from the actual document. For illustration purposes, I have created a Word 2007 document (example.docx) and protected it with the password “ password12345“. There are a lot of other guides available on this topic, an example would be this one.įirst of all, you will need a password protected document to extract a hash that needs to be cracked. Important note: This is not a guide on how to install and use hashcat in general. This guide will take you through how to use hashcat (we will use cuda-hashcat as an example) to crack Microsoft Office passwords. There are 6 different flag codes implemented for the 97-03 hashes (depicting different implementations of the hash) and one implementation for each of the other versions of Office, as shown below. This addition appears to have been added only to the GPU enabled versions of hashcat ( ocl-hashcat, cuda-hashcat) at the moment. That is the ability to crack Microsoft Office password hashes across all different versions (97-2003, 2007, 2010, 2013). On the latest update of the tool ( October, 2014) there was a significant addition that did not get the buzz that it should have created. There are several versions of the tool, allowing it to take advantage of different platforms, including ocl-hashcat and cuda-hashcat. For anyone that is not familiar with it, Hashcat is one of the most well known password cracking tools at the moment, primarily due to it’s lightning fast speed.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |