hashcat Forum

Full Version: Write protected Word-File
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

I've got a write-protected Word-File. I know how to remove the protection, but is it possible to find out the password? All the howto's are for read-protected files and the office2john.py doesn`t find a hash.

When I convert the document to an xml-file I got the following:

<w:documentProtection w:edit="forms" w:enforcement="1" w:cryptProviderType="rsaAES" w:cryptAlgorithmClass="hash" w:cryptAlgorithmType="typeAny" w:cryptAlgorithmSid="14" w:cryptSpinCount="100000" w:hash="herecomesthehash" wConfusedalt="herecomesthesalt"/>

So is there a way to get the password from the has an the salt? In the hash-type-list there is no rsaAES.
Time for hashcat to implement world's fastest GNFS to crack RSA!(not that it would help against current secure implementations, like RSA-2048 and RSA-4096, but it'll be a lot of fun).
Let's wait for an expert to chime in.