The hash is identified as MS Office 2010, which is assigned the hash mode number 9500 by hashcat (see hashcat -help for a list of all hash modes). ![]() 1.1 Retrieve hashÄownload and run office2hashcat.py to retrieve and save the encrypted hash of our password-protected Word document (foo.docx) to hash.txt: 2 $ office2hashcat.py foo.docx > hash.txt $ cat hash.txt $office$*2010*100000*128*16*a1688e8975694550a7a61b5. We won't bother attempting a brute force / mask attack, since even a simple 6-character lowercase password could take as long as 19 years to crack on this hardware. Test platform: a wildly unsuitable mid-2010 iMac with an Intel Core i3 processor and 256MB ATI Radeon HD 4670 graphics card, running macOS 10.12. It also largely applies to cracking any hash supported by hashcat (MD5, SHA1, NTLM, etc). ![]() This guide covers cracking a password-protected DOCX file 1 created with Word for Mac 2011 (which employs the same protection algorithm as Microsoft Word 2010). Cracking Microsoft Office password protection via hashcat, locally or in the cloud / docs / Cracking Microsoft Office password protection via hashcat, locally or in the cloud
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |