{"id":573,"date":"2020-01-11T10:54:18","date_gmt":"2020-01-11T15:54:18","guid":{"rendered":"https:\/\/dc540.org\/xxx\/?p=573"},"modified":"2020-01-11T10:54:25","modified_gmt":"2020-01-11T15:54:25","slug":"til-about-john-the-ripper-and-trigraph-frequencies","status":"publish","type":"post","link":"https:\/\/dc540.org\/xxx\/2020\/01\/til-about-john-the-ripper-and-trigraph-frequencies\/","title":{"rendered":"TIL about john the ripper and trigraph frequencies."},"content":{"rendered":"\n<p>I have an assignment to crack an Office password for a document. I have tried using john and hashcat with several large wordlists, and had no luck, so I decided to go all-in and just leave a Kali instance running john in incremental (brute force) mode for &#8220;as long as it takes.&#8221;  It&#8217;s been two days so far.<\/p>\n\n\n\n<p>I have it running within &#8216;screen&#8217; so that I can occasionally log in to the system remotely to check progress without risk of losing it.  I was excited at one point yesterday seeing that it was in the middle of checking seven-character passwords, but then I checked back later and it was checking six-character passwords.  This morning, five.  I wanted to understand &#8212; I assumed (without doing a deep dive on the mechanics) that it would just go literally incrementally.  aaaaa, aaaab, aaaac, etc.  That was an incorrect assumption.<\/p>\n\n\n\n<p>John&#8217;s incremental mode actually operates on &#8220;trigraph frequencies.&#8221; While I understand the concept of trigraph frequencies (certain sets of three characters occur more frequently than others, and this can help with decryption efforts), I have my doubts as to whether this helps in cracking passwords. 
Passwords aren&#8217;t always natural speech, after all.<\/p>\n\n\n\n<p>Anyhow, it&#8217;s been running for two days now, and I&#8217;ll post about it again when it&#8217;s done just to give an idea of whether it&#8217;s successful, and if so, how long it took vs the complexity of the password.<\/p>\n\n\n\n<p>If anyone else wants to try using similar or other methods, let me know, and I&#8217;ll send you the hash (generated by office2john).  No, I can&#8217;t send you the actual document. That would be unethical.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I have an assignment to crack an Office password for a document. I have tried using john and hashcat with several large wordlists, and had no luck, so I decided &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/dc540.org\/xxx\/2020\/01\/til-about-john-the-ripper-and-trigraph-frequencies\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;TIL about john the ripper and trigraph frequencies.&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":574,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[32,45],"tags":[],"class_list":["post-573","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-professional-development","category-tradecraft"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/dc540.org\/xxx\/wp-content\/uploads\/2020\/01\/johntheripper.png","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/posts\/573","targetHints":{"
allow":["GET"]}}],"collection":[{"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/comments?post=573"}],"version-history":[{"count":1,"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/posts\/573\/revisions"}],"predecessor-version":[{"id":575,"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/posts\/573\/revisions\/575"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/media\/574"}],"wp:attachment":[{"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/media?parent=573"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/categories?post=573"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dc540.org\/xxx\/wp-json\/wp\/v2\/tags?post=573"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}