Cracking password protected MS Office files using Hashcat

Part 2 of 2 of the series on cracking password protected MS Office files.

Whether in a forensic investigation or in private life, we may need to open a password protected file that contains personal information, or information that can change the direction of an investigation. Contrary to common belief, and depending on the length of the password, it is often possible to crack such a file and reach the data inside. To do that we need the right tools and the right approach.

In this article I show, step by step, how to crack a password protected MS Office file using Hashcat on Ubuntu Linux.

Extracting password hash from the file

In our case the protected file is example.xlsx. The first thing to do is to extract the password hash from the file, which is done with John the Ripper's office2john script. That step is explained in my previous article, Extracting hash values from MS Office files using John The Ripper on Linux. We need the text file containing the hash extracted there. One detail to check: office2john prints the hash as filename:$office$*..., while Hashcat expects the bare hash starting at $office$, so either strip the filename: prefix in the text file or run Hashcat with the --username option.

Once the hash is written to a text file we can move on to the next step, cracking it with Hashcat.

Setting up Hashcat on Linux

Hashcat is a password cracking tool that is pretty much the best in its class. On Ubuntu it can be installed from the package repository, as root:

apt-get install hashcat

OR, as a normal user with sudo:

sudo apt-get install hashcat

If it asks for your sudo password, enter it and the package will be downloaded and installed. The packaged version can lag behind the current release; the hashcat project also publishes prebuilt binaries if a newer version is needed.

Downloading dictionaries for dictionary attack

Before starting a brute force attack I always prefer a quick dictionary attack. Cupp is well suited for that job: it can generate a targeted wordlist by combining details you give it about the owner (names, dates and so on), and it can also download pre-made wordlists.

Cupp can be installed with the following command:

apt-get install cupp

With the "cupp -l" command you can download a large variety of dictionaries in different languages.

Cracking password with Hashcat

As mentioned before, Hashcat contains a cracking mode for most widely used hashing and key derivation schemes.

The most important thing to get right before starting the attack is the hash mode (-m) that matches the encryption scheme of the file. The full list of modes is printed by hashcat --help and is on the hashcat wiki.

In our case the protected file is an xlsx created in Office 2010, so the mode is 9500 (MS Office 2010). The version is also visible in the extracted hash itself, which starts with $office$*2010*; an Office 2007 file gives $office$*2007* (mode 9400) and Office 2013 or newer gives $office$*2013* (mode 9600). With the wrong mode Hashcat will refuse to load the hash and the attack will not run.
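As an added example (not code from the original article), the shell functions below read the hash mode off the extracted hash line instead of relying on memory of which Office version saved the file, and they strip the filename: prefix that office2john adds, which Hashcat otherwise rejects. The function names and the sample line are mine; the hex fields in the sample are placeholders, not a real file's salt and verifier values.

```sh
#!/bin/sh
# Added example: choose the hashcat mode from the $office$ hash itself and
# reduce an office2john output line to the bare hash hashcat expects.
# Function names and the sample line are assumptions for this example.
set -eu
set -f   # the hash contains '*'; never let the shell glob on it

# Map the version field of a $office$ hash to a hashcat -m mode.
office_mode_for_version() {
    case "$1" in
        2007) echo 9400 ;;   # MS Office 2007
        2010) echo 9500 ;;   # MS Office 2010
        2013) echo 9600 ;;   # MS Office 2013 and newer
        *) echo "unsupported \$office\$ version: '$1'" >&2; return 1 ;;
    esac
}

# Reduce "filename:$office$*...:::::extra" to "$office$*...". office2john
# prefixes the file name; some 2john scripts also append ':'-separated fields.
office_hash_clean() {
    line=$1; tag='$office$'
    case "$line" in
        *"$tag"*) ;;
        *) echo "no \$office\$ hash in line" >&2; return 1 ;;
    esac
    h=$tag${line#*"$tag"}   # drop everything before $office$
    h=${h%%:*}              # drop any ':'-separated suffix
    echo "$h"
}

# Field $2 of a cleaned hash, counting '*'-separated fields from 1:
# 1 = $office$, 2 = version, 3 = spin count (key derivation iterations), ...
office_hash_field() {
    h=$1; n=$2
    oldIFS=$IFS; IFS='*'
    set -- $h
    IFS=$oldIFS
    [ "$#" -ge "$n" ] || return 1
    shift $((n - 1))
    echo "$1"
}

# The hashcat -m mode for an office2john line (cleaned first).
office_hash_mode() {
    h=$(office_hash_clean "$1") || return 1
    office_mode_for_version "$(office_hash_field "$h" 2)"
}

# The spin count, useful for judging how slow each candidate will be.
office_hash_iterations() {
    h=$(office_hash_clean "$1") || return 1
    office_hash_field "$h" 3
}

# Constructed sample in office2john's "filename:hash" layout. The hex fields
# are placeholders, not a real file's salt and verifier values.
SAMPLE='example.xlsx:$office$*2010*100000*128*16*00112233445566778899aabbccddeeff*ffeeddccbbaa99887766554433221100*0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'

echo "hash:       $(office_hash_clean "$SAMPLE")"
echo "mode (-m):  $(office_hash_mode "$SAMPLE")"
echo "iterations: $(office_hash_iterations "$SAMPLE")"
```

To prepare the real input, run office_hash_clean on the line from hash.txt and save the result as the hash file Hashcat reads; the mode it prints is the value for -m. The unsupported-version branch matters: a hash whose version field is not one of 2007, 2010 or 2013 is not something the modes on this page can crack, and it is better to find that out before starting an attack.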

Step 1: Dictionary Attack

The dictionary I downloaded earlier is called dictionary.txt and the hash file is hash.txt; both are on my desktop. After changing directory to the desktop, the attack is started with:

hashcat -a 0 -m 9500 --force hash.txt dictionary.txt

"-a 0" selects the dictionary (straight) attack,
and "-m 9500" tells Hashcat that the hash is in the MS Office 2010 format.

"--force" makes Hashcat ignore its warnings (typically about an unsupported or outdated OpenCL driver). It is a workaround, not a fix: if Hashcat prints a warning, read it first, because a forced run can be slow or give unreliable results. Detailed information on the options is in hashcat --help.

Once the command runs, it should take only seconds to crack the hash if the password matches one of the entries in dictionary.txt.

Once it is cracked, we must see something similar to this:
 
Session..........: hashcat
Status...........: Cracked
Hash.Type........: MS Office 2010
Hash.Target......: $office$*2010*100000*128*16*c32223543116fa8ba50599...54e44c
Time.Started.....: Sun Apr 18 19:04:06 2021 (11 secs)
Time.Estimated...: Sun Apr 18 19:04:17 2021 (0 secs)
Guess.Base.......: File (dictionary.txt)
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:     2335 H/s (0.59ms) @ Accel:1024 Loops:64 Thr:1 Vec:16
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 26130/26130 (100.00%)
Rejected.........: 0/26130 (0.00%)
Restore.Point....: 24576/26130 (94.05%)
Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:99968-100000
Candidates.#1....: ya -> XYZ 

If you get Status: Exhausted, the whole dictionary was tried and the password was not found. Then we move on to the second step, the brute force attack.
 

Step 2: Brute Force (Mask) Attack

Brute force in Hashcat is a mask attack: instead of trying every string of a given length, we describe the structure of the password with a mask, which restricts the candidates and shortens the run.

For example, if we have a clue that the password is all capital letters or all lowercase, we shape the attack with the charset placeholders ?u, ?l, ?d and so on. The built-in charsets are listed below (note that ?s includes the space character):

?l | abcdefghijklmnopqrstuvwxyz
?u | ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d | 0123456789
?s |  !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
?a | ?l?u?d?s
?b | 0x00 - 0xff

In our case, say we have no information about whether the password contains uppercase letters, lowercase letters or special characters. Then the placeholder to use is ?a, since it covers all of them. Note that trying every character costs far more than uppercase or lowercase letters alone: 95 candidates per position instead of 26.

Once we are set, run the following command:

hashcat -a 3 -m 9500 --force hash.txt ?a?a?a

"-a 3" selects the brute force (mask) attack,
and each "?a" is one password position, so "?a?a?a" tries passwords of exactly three characters. To try every length up to the mask length (here 1, 2 and 3) with the same mask, add the "--increment" option; "--increment-min" and "--increment-max" bound the lengths if needed. The mask is safest quoted ('?a?a?a') so the shell does not try to expand ? as a filename wildcard.
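The cost difference described above is easy to quantify before launching anything. The shell functions below are an added example, not from the original article or from hashcat: they reproduce hashcat's documented charset sizes, compute the keyspace of a mask with and without --increment, and convert it to a rough running time at a given H/s rate. The function names are mine, and the 2234 H/s default is the speed shown in the article's own output; substitute the Speed.#1 figure from your hardware.

```sh
#!/bin/sh
# Added example, not from the original article: size a mask attack before
# launching it. The charset sizes are hashcat's documented built-ins; the
# rate is whatever Speed.#1 reported on an earlier run.
set -eu

# Size of each built-in charset: ?l ?u ?d ?s ?a ?b
# (?s has 33 characters because it includes the space).
charset_size() {
    case "$1" in
        l|u) echo 26 ;;
        d)   echo 10 ;;
        s)   echo 33 ;;
        a)   echo 95 ;;
        b)   echo 256 ;;
        *)   echo "unknown charset ?$1" >&2; return 1 ;;
    esac
}

# Walk a mask token by token and print two numbers: the keyspace of the mask
# at its exact length, and the keyspace under --increment (lengths 1..n, the
# default --increment-min/--increment-max range). Literal characters count
# as one candidate each; "??" is hashcat's escape for a literal '?'.
# Prints "overflow overflow" if a count would exceed 2^63-1.
mask_walk() {
    mask=$1; total=1; sum=0; limit=9223372036854775807
    while [ -n "$mask" ]; do
        case "$mask" in
            '??'*) size=1; mask=${mask#??} ;;
            '?'*)  cs=${mask#?}; cs=${cs%"${cs#?}"}   # letter after the '?'
                   size=$(charset_size "$cs") || return 1
                   mask=${mask#??} ;;
            *)     size=1; mask=${mask#?} ;;
        esac
        if [ "$total" -gt $((limit / size)) ] || [ "$sum" -gt $((limit - total * size)) ]; then
            echo "overflow overflow"; return 0
        fi
        total=$((total * size))
        sum=$((sum + total))
    done
    echo "$total $sum"
}

# Candidates for the mask at its exact length.
mask_keyspace() {
    out=$(mask_walk "$1") || return 1
    set -- $out; echo "$1"
}

# Candidates for the mask when run with --increment.
increment_keyspace() {
    out=$(mask_walk "$1") || return 1
    set -- $out; echo "$2"
}

# Rough wall-clock time for a keyspace at a rate in H/s, in the largest
# sensible unit (s, m, h, d, y); integer division, so this is an estimate.
estimate_time() {
    keyspace=$1; rate=$2
    [ "$keyspace" = overflow ] && { echo "more than 2^63 candidates"; return 0; }
    secs=$((keyspace / rate))
    if   [ "$secs" -lt 60 ];       then echo "${secs}s"
    elif [ "$secs" -lt 3600 ];     then echo "$((secs / 60))m"
    elif [ "$secs" -lt 86400 ];    then echo "$((secs / 3600))h"
    elif [ "$secs" -lt 31536000 ]; then echo "$((secs / 86400))d"
    else echo "$((secs / 31536000))y"; fi
}

# Assumed rate: the Speed.#1 value from the article's output (CPU, mode 9500).
RATE=${RATE:-2234}
for mask in '?a?a?a' '?l?l?l?l?l?l' '?a?a?a?a?a?a' '?l?l?l?l?l?l?l?l' '?a?a?a?a?a?a?a?a'; do
    ks=$(mask_keyspace "$mask"); inc=$(increment_keyspace "$mask")
    printf '%-18s exact=%-18s increment=%-18s time(exact)=%s\n' \
        "$mask" "$ks" "$inc" "$(estimate_time "$ks" "$RATE")"
done
```

The table the script prints is the decision aid the note at the end of this article asks for: at the article's rate, three ?a positions finish in minutes, six lowercase letters in about a day, and eight ?a positions in tens of thousands of years, which is why the charset choice matters more than anything else in a mask attack.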

Once our password is cracked, we will get something similar to this:
 
Session..........: hashcat
Status...........: Cracked
Hash.Type........: MS Office 2010
Hash.Target......: $office$*2010*100000*128*16*c3932223543116fa8ba50599...54e44c
Time.Started.....: Mon Apr  5 14:30:10 2021 (1 min, 6 secs)
Time.Estimated...: Mon Apr  5 14:31:16 2021 (0 secs)
Guess.Mask.......: ?a?a?a [3]
Guess.Queue......: 1/1 (100.00%)
Speed.#1.........:     2234 H/s (10.00ms) @ Accel:1024 Loops:256 Thr:1 Vec:16
Recovered........: 1/1 (100.00%) Digests, 1/1 (100.00%) Salts
Progress.........: 147456/456976 (32.27%)
Rejected.........: 0/147456 (0.00%)
Restore.Point....: 0/17576 (0.00%)
Restore.Sub.#1...: Salt:0 Amplifier:17-18 Iteration:99840-100000
Candidates.#1....: EAR-> EOV

Once Status: Cracked appears we are done. Hashcat stores cracked hashes in its potfile (~/.hashcat/hashcat.potfile by default), so if the password was not shown on screen, add --show to the same command and run it again; it prints the stored result without re-running the attack:

hashcat -a 3 -m 9500 --force hash.txt ?a?a?a --show

Note: a brute force run over the full ?a charset can take years once the password is long, since every extra position multiplies the work by 95. For longer lengths start with the uppercase or lowercase letter charsets and keep special characters as the last resort.
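Putting both steps together, as an added example (not code from the article): the script below runs the dictionary attack first, then mask attacks from the cheapest charset up, each with --increment, and stops at the first success. It assumes hashcat is installed and that hash.txt holds the bare $office$ hash and dictionary.txt the wordlist, as in the article; the file names, the potfile location and the MAX_LEN limit are my choices and can be overridden through environment variables. It relies on hashcat's documented exit codes: 0 when the hash is cracked, 1 when the keyspace was exhausted, other values for errors and aborts.

```sh
#!/bin/sh
# Added example, not code from the original article: run the two steps in
# order and stop as soon as the password is recovered. Assumes hashcat is on
# PATH, hash.txt holds the bare $office$ hash and dictionary.txt the wordlist.
# Exit codes used: 0 = cracked, 1 = exhausted, anything else = error/abort.
set -u

HASH_FILE=${HASH_FILE:-hash.txt}
WORDLIST=${WORDLIST:-dictionary.txt}
MODE=${MODE:-9500}                      # 9400 = Office 2007, 9500 = 2010, 9600 = 2013+
POTFILE=${POTFILE:-./office.potfile}    # hashcat records cracked hashes here
MAX_LEN=${MAX_LEN:-6}                   # longest mask length to try

# Build a mask that repeats one charset token $2 times: "?l" x 3 -> "?l?l?l".
repeat_mask() {
    mask=""; i=0
    while [ "$i" -lt "$2" ]; do mask="$mask$1"; i=$((i + 1)); done
    echo "$mask"
}

# Run one hashcat attack with the common options. Returns 0 when hashcat
# cracked the hash and 1 when it exhausted the keyspace; any other exit code
# is an error, and the script aborts rather than silently moving on.
run_attack() {
    hashcat -m "$MODE" --potfile-path "$POTFILE" "$@"
    rc=$?
    case $rc in
        0) return 0 ;;
        1) return 1 ;;
        *) echo "hashcat exited with code $rc; aborting" >&2; exit 2 ;;
    esac
}

# Step 1, then step 2. Prints which attack succeeded; returns 1 if none did.
crack_office() {
    if run_attack -a 0 "$HASH_FILE" "$WORDLIST"; then
        echo "cracked by: dictionary $WORDLIST"
        return 0
    fi
    # Cheapest charset first, ?a last, as the note above recommends.
    # --increment makes each mask cover lengths 1..MAX_LEN in one run.
    for cs in '?d' '?l' '?u' '?a'; do
        mask=$(repeat_mask "$cs" "$MAX_LEN")
        if run_attack -a 3 --increment "$HASH_FILE" "$mask"; then
            echo "cracked by: mask $mask (--increment)"
            return 0
        fi
    done
    return 1
}

# Cracked hashes live in the potfile, so the password can be printed later
# without rerunning any attack.
show_password() {
    hashcat -m "$MODE" --potfile-path "$POTFILE" --show "$HASH_FILE"
}

# Entry point; skipped when hashcat or the input files are missing, so the
# functions above can be sourced and exercised on their own.
if command -v hashcat >/dev/null 2>&1 && [ -f "$HASH_FILE" ] && [ -f "$WORDLIST" ]; then
    if crack_office; then
        show_password
    else
        echo "not cracked: dictionary and masks up to length $MAX_LEN exhausted" >&2
    fi
fi
```

The masks are quoted so the shell never treats ? as a filename wildcard. Because ?a contains ?d, ?l and ?u, the final pass repeats candidates the earlier passes already tried; at these lengths that is cheap and keeps the script simple. The --force flag used in the commands above is deliberately left out here: if hashcat warns about the OpenCL runtime, that is worth fixing rather than forcing, and the non-zero exit code from a refused run will stop the script instead of being mistaken for "exhausted".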
