recovering a password with hashcat / joffice2john
#1
Hi,

I am trying to recover a password for the first time. How would you solve this as I am not getting the result? 
I have tried with Hashcat and John the Ripper. 

How can I obtain a very comprehensive john.lst or nmap.lst list, or how can I make the software try all possibilities indefinitely?

Thank.


Attached Files
.png   Screen_2024-01-15_20-30-02.png (Size: 191.92 KB / Downloads: 20)
.png   Screen_2024-01-15_20-30-51.png (Size: 184.23 KB / Downloads: 11)
.png   Screens_2024-01-15_20-45-12.png (Size: 246.22 KB / Downloads: 14)
Reply
#2
Out of 116 visits, is there not a single sympathetic person to advise me? Can you give me a clue why am I not getting the result? Did I make a mistake in typing the command in the terminal screen? How do I train the software or make it search indefinitely? The search stops after one minute.
Reply
#3
you must find it funny that I took the K ali version just for that, not really knowing how to make hashcat work already Big Grin I don't know Linux at all and I took this distribution because it already included the tools. I did not succeed under w11
Reply
#4
(01-15-2024, 09:40 PM)aqw Wrote: Hi,

I am trying to recover a password for the first time. How would you solve this as I am not getting the result? 
I have tried with Hashcat and John the Ripper. 

How can I obtain a very comprehensive john.lst or nmap.lst list, or how can I make the software try all possibilities indefinitely?

Thank.

Wordlists can be found in many places or you can create your own if you have any clues to what the password could be. Just make a google search.
Many wordlists are found at fx weakpass.com and hashmob.net.
You can also brute force, but the hash rate on mode 9600 is quite low.... But if you need to, use -a3 for brute force and -i for increment. Have a look at hashcat wiki.
Oh, and using a VM to run hash cracking on is not recommended.
Reply
#5
first your password list is very small, 5000 passwords are a very tiny list

just take a look here, https://github.com/danielmiessler/SecLis.../Passwords

there are many other lists you can try but this will also not guarantee, that your searched password is in there

to generate more password candidates see the wiki about rules (there are some rulesets already preshipped with hashcat, that will lead to more inpuut even with small lists (use the dive rulset for example)

last option would be bruteforce, but with just 3000 hashes per second is it not worth trying, except you have real good infos about the pass like lenght or passwordstyle
Reply