Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 8 Jul 2012 14:19:03 -0400
From: Rich Rumble <richrumble@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking Word files?

On Sun, Jul 8, 2012 at 1:47 PM, Paul van Hoven
<paul.van.hoven@...glemail.com> wrote:
> I've recently heared about john the ripper. Actually I think it is fun
> and I wanted to test it. Therefore I downloaded it and compiled it.
> Everything worked fine. After that I created a sample Word file and
> protected it with a simple password. I downloaded a password list from
> the openwall page. Now I wanted to test john on the Word document. But
> I cannot find out how. I read the EXAMPLES text file and also had a
> look at a wiki article (http://openwall.info/wiki/john/tutorials) but
> the articles provided there are not very helpful. Therefore my
> question: How do I crack a simple Word file whose password is included
> in the download password .lst file?
You may want to use a build from Robert Harris on the contrib page if
your build did not include the office2john.exe, there may have been
additonal steps you need to do(like applying a patch or uncomenting a
few lines in the make file) for that extra program to compile. You can
find the latest build here:
http://openwall.info/wiki/john/custom-builds Then you just run
office2john.exe from cmd...
office2john.exe c:\path\to\office_file.doc >output.txt
That should echo a sting like this into a file called output.txt
(change at will)

e:\john\Office_2010\2010-Default_myhovercraftisfullofeels_.docx:$office$*2010*100000*128*16*213aefcafd9f9188e78c1936cbb05a44*d5fc7691292ab6daf7903b9a8f8c8441*46bfac7fb87cd43bd0ab54ebc21c120df5fab7e6f11375e79ee044e663641d5e
(that is all one line btw) The password for that hash is
"myhovercraftisfullofeels" btw. You can download a number of samples I
and others have contributed here:
http://openwall.info/wiki/john/sample-non-hashes
Remember office2john only works on office versions 2007-2010, not on
the older RC4 types in office-97, 2000, XP, 2003. And it only works on
the "password to open", not macro or read-only password options in M$
office documents. There is also an ODF2john.exe for open/libre/star
office files.
-rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.