Tools: Hashcat, Johntheripper(I suggest you guysdo this experiment in Kali Linux)
1. Download Office2john.py which helps us to extract the hash value of the Word document.
Enterwget https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/office2john.py in terminal.
2.chmod +x Office2john.py (Ignore this if you’re Root)
3.Extract the Hash valuepython office2john.py (file path)* > Hash.txt(Name)
The extracted Hash value is in the Hash.txt, and you can use cat command to check the value in the file.
4. ///Startto useHashcat///
hashcat – help
The file’s dateMicrosoft words 2007, as you can see from the hash(The year varies from person to person, so check thehash value)
directly search MS office 2007 in help and see that 9400 is the number
you need a wordlist, there are several wordlists in kali, you may try this:/usr/share/wordlists nmap.lst
enter:hashcat - a 0-9400 - m username - o cracked.txt Hash.txt /usr/share/wordlists nmap.lst- force
-M: tell thenumber - A: 0 Decrypt method - O: generate file with password written in it
5. The password is in Cracked.txt, use command cat to check.
ps. You may use Cruch to generate a big wordlist.
Reply has been removed
You must be logged in to reply to this discussion.
1 of 1