Which cracked the hash for what turned out to be a 6 character lowercase password in about 12.5 hours: Session.: hashcat hashcat -a 0 -m 9500 -opencl-device-types 1 -status -o found.txt hash.txt merged.txt We can force hashcat to use the CPU with -opencl-device-types 1: $. What happened? The GPU is unsupported 3 and hashcat halts immediately. * Device #2: This device's local mem size is too small. * Device #2: This device does not support byte-addressable store. * Device #2: This device does not support base atomics. hashcat -a 0 -m 9500 -status -o found.txt hash.txt merged.txt Merged.txt = our wordlist from step 1.3 $. o found.txt = output recovered password to found.txt status = automatically update status screen m 9500 = set hash mode to MS Office 2010 a 0 = set attack mode to straight / dictionary attack We'll pass the following arguments to hashcat: 1.2 Get hashcat and OpenCL-Headers $ git clone $ cd hashcat $ git submodule update -init $ make 1.3 Get wordlistÄownload from Daniel Miessler's SecLists/ Passwords and extract to merged.txt: $ curl -LO $ tar xf 1.4 Start cracking The hash is identified as MS Office 2010, which is assigned the hash mode number 9500 by hashcat (see hashcat -help for a list of all hash modes). 1.1 Retrieve hashÄownload and run office2hashcat.py to retrieve and save the encrypted hash of our password-protected Word document (foo.docx) to hash.txt: 2 $ office2hashcat.py foo.docx > hash.txt $ cat hash.txt $office$*2010*100000*128*16*a1688e8975694550a7a61b5. We won't bother attempting a brute force / mask attack, since even a simple 6-character lowercase password could take as long as 19 years to crack on this hardware. Test platform: a wildly unsuitable mid-2010 iMac with an Intel Core i3 processor and 256MB ATI Radeon HD 4670 graphics card, running macOS 10.12. It also largely applies to cracking any hash supported by hashcat (MD5, SHA1, NTLM, etc). This guide covers cracking a password-protected DOCX file 1 created with Word for Mac 2011 (which employs the same protection algorithm as Microsoft Word 2010). Cracking Microsoft Office password protection via hashcat, locally or in the cloud / docs / Cracking Microsoft Office password protection via hashcat, locally or in the cloud
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |