Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 18 Aug 2021 16:09:40 -0400
From: Rich Rumble <>
Subject: Re: Help interpreting JtR informational message output
 while cracking an MS Word document

Depends on the version and even service pack of office sometimes:
(prior versions)
Each version of office is backward compatible with most if not all previous
versions, but the defaults are what people mostly use for the password to
For office 2013, I believe the password is iterated as a sha-256 hash 100k
times, and then that final hash is used as the asymmetric key to
encrypt/decrypt the document that is AES-128 (can be 256 too) Encrypted...
I think? So hashing the word 'password' in sha-256 =
"5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8" then
hashing that hash =
"113459eb7bb31bddee85ade5230d6ad5d8b2fb52879e00a84ff6ae1067a210d3" and then
that one... 100k times.
It could be that SHA-512 is being used and JtR detect that. Have a look at
the sample hashes and try those:[]=office
Now the AVX numbers you see should pertain to how John was built and what
on-chip/die JtR is able to take advantage of. So AVX and SSE are good to
see, they will likely offer some speed up over a CPU that doesn't support
them. I really don't know the ins/outs of how JtR and others take advantage
of those on-chip resources :(
Check the benchmarks site to see how those on-board resources can help
speed up CPU cracking:
I hope this helps, I know Solar and others can add much more to this
conversation !-)

On Wed, Aug 18, 2021 at 1:42 PM Y Perron <> wrote:

> Hello All,
> Can someone please help me understand the information that appears in the
> line below that begins with Loaded 1 password hash (Office, 2007/2010/2013
> [SHA1 128/128 AVX 4x / SHA512 128/128 AVX 2x AES]).  In particular here is
> the information I am after:
> - which algorithm/method is used to hash the encryption password;- what
> information is conveyed in the following (Office, 2007/2010/2013 [SHA1
> 128/128 AVX 4x / SHA512 128/128 AVX 2x AES]).
> Thanks in advance,
> Yvan
> F:\AppliedCrypto\john-1.9.0-jumbo-1-win64\john-1.9.0-jumbo-1-win64\run>john
> --incremental --format=office CrackMe.docx.passUsing default input
> encoding: UTF-8Loaded 1 password hash (Office, 2007/2010/2013 [SHA1 128/128
> AVX 4x / SHA512 128/128 AVX 2x AES])Cost 1 (MS Office version) is 2013 for
> all loaded hashesCost 2 (iteration count) is 100000 for all loaded
> hashesWill run 4 OpenMP threadsPress 'q' or Ctrl-C to abort, almost any
> other key for status0g 0:00:02:03  0g/s 57.54p/s 57.54c/s 57.54C/s
> motted..mothel0g 0:00:04:16  0g/s 57.74p/s 57.74c/s 57.74C/s
> mykash..mynami0g 0:00:09:05  0g/s 56.56p/s 56.56c/s 56.56C/s
> 036118..0361350g 0:00:26:11  0g/s 56.03p/s 56.03c/s 56.03C/s cely5..ced120g
> 0:00:26:13  0g/s 56.02p/s 56.02c/s 56.02C/s larru..laccaSession aborted

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.