digital-forensics-labs/Ubalt
1
0
Fork 0
mirror of https://github.com/frankwxu/Ubalt.git synced 2026-04-10 12:33:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

add crack word password

Browse Source
This commit is contained in:
Frank Xu
2018-10-12 09:27:21 -04:00
parent b3c4ca5438
commit 2f7aad612e
5 changed files with 3111 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
FSCS727_Forensics/Labs/Crack_Password_Word/Crack_Word_Password.pptx Normal file
View File

Binary file not shown.

28
FSCS727_Forensics/Labs/Crack_Password_Word/crack_word_lab.TXT Normal file
View File

@@ -0,0 +1,28 @@
RC4 tutorial: https://www.youtube.com/watch?v=jjjq41bGzps
https://www.youtube.com/watch?v=lohwg1X0VH8
https://github.com/magnumripper/JohnTheRipper/blob/bleeding-jumbo/run/office2john.py
http://pentestcorner.com/cracking-microsoft-office-97-03-2007-2010-2013-password-hashes-with-hashcat/
For instructor
1. create a link in Dropbox https://www.dropbox.com/s/gxh1kntxkp4hyyx/office2john.py
2. wget https://www.dropbox.com/s/gxh1kntxkp4hyyx/office2john.py // in kali
3. wget https://www.dropbox.com/s/6khc26nlh055cmv/encrypted_file_123abc_2013_v.docx //download the encrypted Word File, the passwword is 123abc
4. chmod 777 office2john.py // make it runable
5. ./office2john.py encrypted_file_123abc_2013_v.docx
6. (debug) if there is any error message, using vim office2john.py to edit file to remove \r
7. (results) encrypted_file_123abc_2013_v.docx:$office$*2013*100000*256*16*8334281da983e08d107cbeebb3e93b90*11a8fcc86ceac30be77d235254878045*405547f6a128015b08c8720ada645e51c5cc5a3f5784907c0f7a59c5f7f912f1
8 . save it to hash.txt
For students
1. http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2 //download
2. https://hashcat.net/hashcat/ //need to unzip
3. unzip and add rockyou.txt to hashcat folder
4. wget https://www.dropbox.com/s/6nrogpktqh4vozh/hash.txt
5. wget https://www.dropbox.com/s/6khc26nlh055cmv/encrypted_file_123abc_2013_v.docx //download the encrypted Word File, the passwword is 123abc
6. hashcat64 -a 0 -m 9600 --username -o result.txt hash.txt rockyou.txt --force
7. type result.txt
8. (results)$office$*2013*100000*256*16*8334281da983e08d107cbeebb3e93b90*11a8fcc86ceac30be77d235254878045*405547f6a128015b08c8720ada645e51c5cc5a3f5784907c0f7a59c5f7f912f1:123abc

BIN
FSCS727_Forensics/Labs/Crack_Password_Word/encrypted_file_123abc_2013_v.docx Normal file
View File

Binary file not shown.

1
FSCS727_Forensics/Labs/Crack_Password_Word/hash.txt Normal file
View File

@@ -0,0 +1 @@
encrypted_file_123abc_2013_v.docx:$office$*2013*100000*256*16*8334281da983e08d107cbeebb3e93b90*11a8fcc86ceac30be77d235254878045*405547f6a128015b08c8720ada645e51c5cc5a3f5784907c0f7a59c5f7f912f1

3082
FSCS727_Forensics/Labs/Crack_Password_Word/office2john.py Normal file
View File

File diff suppressed because it is too large Load Diff