Now, make a cup of coffee, sit back and wait for John to do its thing. $ john -rules -wordlist=yourwordlist.txt hash.txt In starting it was only made for Unix operating system but now it can be used on several other platforms also like windows, mac, etc. Test.xlsx:$office$ 2010100000 12816 b1203fe2e498cec4d5452e1d0aea3775cd130baf73f5de29ec3744c8f883b873*aeeeffa8673fde485a013d6b9c367a3ef40a357ed7f111e17b2a13e3339ec69įinally, you can start a bruteforce session with John The Ripper, maybe using a specific wordlist: John the Ripper is password cracking software used by penetration testers and cyber security experts.It is completely free. Now, under "run" you can also find a python script, office2john.py: you can use it for extract the hash from the encrypted XLSX file: If everything goes well, the executables for John and its related utilities will be created under "./run/". The correct way is to extract the password hash from the file and then cracking it using John The Ripper.įor this purpose, you need to get a ' jumbo' build of John The Ripper, that supports Office files cracking. The encryption algorithm of encrypted Microsoft Excel files is 40bit RC4.Īs it is encrypted nothing could be tweaked by opening the document with a hex editor.
I did it,and now i'd like to share workflow for XLSX cracking. Obviously, the file was password protected, and I had to find a way to read it.
Recently, during a forensic analysis on a laptop of an employee charged with corporate espionage, I've carved from disk a suspicious Excel file.
0 kommentar(er)
