Tools: Hashcat, Johntheripper(I suggest you guys do this experiment in Kali Linux)
1. Download Office2john.py which helps us to extract the hash value of the Word document.
Enter wget https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/office2john.py in terminal.
2. chmod +x Office2john.py (Ignore this if you’re Root)
3. Extract the Hash value python office2john.py (file path)* > Hash.txt(Name)
The extracted Hash value is in the Hash.txt, and you can use cat command to check the value in the file.
4. ///Start to use Hashcat///
hashcat – help
The file’s date Microsoft words 2007, as you can see from the hash(The year varies from person to person, so check the hash value)
directly search MS office 2007 in help and see that 9400 is the number
you need a wordlist, there are several wordlists in kali, you may try this: /usr/share/wordlists nmap.lst
enter: hashcat - a 0-9400 - m username - o cracked.txt Hash.txt /usr/share/wordlists nmap.lst - force
-M: tell the number - A: 0 Decrypt method - O: generate file with password written in it
5. The password is in Cracked.txt, use command cat to check.
ps. You may use Cruch to generate a big wordlist.
Reply has been removed
You must be logged in to reply to this discussion.
1 of 1