john-users - Re: Cracking office documents

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <CAGyMCVdj3sR6T1jQnYjFSVTYXrXm+k7jj7E+c0VFORceGXubvg@mail.gmail.com>
Date: Thu, 4 Dec 2014 15:40:57 -0600
From: hmm <loadtoad@...il.com>
To: john-users@...ts.openwall.com
Subject: Re: Cracking office documents

I did it a few months ago on a 2007 doc. It wasn't easy. I used some tool
to do it. I would have to consult notes at work to confirm. I can find out
tomorrow.
On Dec 4, 2014 3:38 PM, "Dan Tentler" <dan@...nlabs.com> wrote:

> how do you get the hash out of the doc?
>
> On 12/4/14 1:03 PM, hmm wrote:
> > I believe I am speaking about cracking the hash not the actual doc.
> >  On Dec 4, 2014 2:44 PM, "Dan Tentler" <dan@...nlabs.com> wrote:
> >
> >> What format do they appear to be in? Do you have to manually specify a
> >> format?
> >> On 12/4/14 12:38 PM, hmm wrote:
> >>> I have has luck using the bleeding edge releases to crack office docs.
> >>> On Dec 4, 2014 2:31 PM, "Dan Tentler" <dan@...nlabs.com> wrote:
> >>>
> >>>> Hey Guys!
> >>>>
> >>>>  So some of you may have heard, attackers have been leaking gigs and
> >>>> gigs of sony data. Bad guys will be bad, but the good guys are
> >>>> dissecting every iota of these things for analysis purposes, creating
> >>>> new dictionaries etc etc.
> >>>>
> >>>> Some of these files are password protected. I don't recall if jtr does
> >>>> cracking of office document formats - I tried handing one to the the
> git
> >>>> version of john from maybe a week ago and it thinks the crypto is
> >>>> 'whirlpool'.
> >>>>
> >>>> Thoughts?
> >>>>
> >>>> -Dan
> >>>>
> >>>>
> >>
>
>

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.