Is it possible to attack a Word 2003 doc with a 128 bits RC4 key ? ($oldoffice $4)

Is it possible to attack a Word 2003 doc with a 128 bits RC4 key ? ($oldoffice $4) - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Is it possible to attack a Word 2003 doc with a 128 bits RC4 key ? ($oldoffice $4) (/thread-11069.html)

Is it possible to attack a Word 2003 doc with a 128 bits RC4 key ? ($oldoffice $4) - lionbladerunner - 10-16-2022

Hello guys,

So I have this old Word 2003 file that I forgot the password of. I tried numerous way to recover the password, but with no success so far.

A fellow hashcat user shared with me the method https://hashcat.net/forum/thread-3665.html which consist of attacking the RC4 key, instead of the password itself.

The thing is, my document is an $oldoffice$4 with SHA1 + 128 bits RC4, while the oldoffice 1, 2 and 3 have a 40 bits RC4, so the method described in the post doesn't work.

My question is : since Word 2003 is a nearly 20 years old format, are there other know vulnerabilities that I can exploit to get access to the file without knowing the password ?

RE: Is it possible to attack a Word 2003 doc with a 128 bits RC4 key ? ($oldoffice $4) - marc1n - 10-16-2022

You can't break a hash with a vulnerability, try using john the ripper maybe it will help https://www.openwall.com/john/

RE: Is it possible to attack a Word 2003 doc with a 128 bits RC4 key ? ($oldoffice $4) - lionbladerunner - 10-17-2022

(10-16-2022, 10:50 AM)marc1n Wrote: You can't break a hash with a vulnerability, try using john the ripper maybe it will help https://www.openwall.com/john/

Thanks, I installed john the ripper and looked at the documentation, but it looks like an inferior version of hashcat, and doesn't seem capable of exploiting any vulnerabilities.

Am I missing something ?

RE: Is it possible to attack a Word 2003 doc with a 128 bits RC4 key ? ($oldoffice $4) - marc1n - 10-17-2022

(10-17-2022, 04:08 PM)lionbladerunner Wrote:
(10-16-2022, 10:50 AM)marc1n Wrote: You can't break a hash with a vulnerability, try using john the ripper maybe it will help https://www.openwall.com/john/

Thanks, I installed john the ripper and looked at the documentation, but it looks like an inferior version of hashcat, and doesn't seem capable of exploiting any vulnerabilities.

Am I missing something ?

Programmes such as hashcat or john do not exploit the vulnerabilities or gaps found. They only break hashes.