Excel crack with possible passwords - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Excel crack with possible passwords (/thread-11793.html) |
Excel crack with possible passwords - krijmbrulee - 01-28-2024 Hi all, for a relative I want to crack a password from an important Excel 2013 file. Hash was extracted with John. Relative gave me a bunch of passwords what it could be, so I put all of those in a wordlist with diff combinations but no luck so I am thinking of Bruteforcing/masking it. It did find a false positive but that password didn't work. The password consists of a text (only all lower case or only all upper case , or first letter upper case rest lower case) with a suffix that seems to be returning. Suffix can be : ! ? . @ 0387 0387! 387 387! 387? 0387? 04 04! 04? 1987 1987? 1987! 2020 2020! 2020? 2021 2021! 2021? 2022 2022! 2022? 2023 2023! 2023? 2024 2024! 2024? 4694 4694? 4694! 69 69! 69? 87 87! 87? 05 05! 05? 06 06? 06! 07 07! 07? 08 08? 08! 09 09? 09! 10 10? 10! A full password could be Coconut0387! COCONUT0387! coconut0387! From her list the maximum text password (without suffix) is 10 characters. But the full text password could as well be just 3-4 + adding suffix. What command would hashcat need to crack this pw? Not taking into consideration how many years it would take. I feel a bit lost here. Thank you very much for your input. RE: Excel crack with possible passwords - Banaanhangwagen - 01-29-2024 A possible approach could be: make two wordlists; one with all possible base-words, and a second wordlist with all possible suffix. Combine them with -a 1. (this will most likely work if the first part is an existing word and could be found in wikipedia for example) RE: Excel crack with possible passwords - krijmbrulee - 01-29-2024 (01-29-2024, 12:12 AM)Banaanhangwagen Wrote: A possible approach could be: make two wordlists; one with all possible base-words, and a second wordlist with all possible suffix. Combine them with -a 1. Thanks for the input. I should have mentioned what I have already tried: Use of wordlists like Rockyou: negative Use of relative wordlist: negative Split relative wordlist in 2 parts and combine suffixes with all words: negative Used relative word with well known rules from internet : negative L33tspeak: negative So the plan was to bruteforce the word and add her suffixes... but am not sure how to do this. Thank you for helping RE: Excel crack with possible passwords - Banaanhangwagen - 01-29-2024 A Hybrid attack with -a 7 would be a possibility. https://hashcat.net/wiki/doku.php?id=hybrid_attack RE: Excel crack with possible passwords - monyanus - 01-29-2024 Sounds to me like it could be useful to check for typos. Start with running some toggles rules toggles1.rule, toggles2.rule etc. Then try making some own typo rules. For example, if someone would want to write Coconut, they sometimes would write cOCONUT (shift on, use rule "C "), you could also check for swapped adjacent letters (Swap @ p), etc. Sometimes people duplicate their suffix (69? 69?) or add it as prefix as well for extra security (69?COCONUT69?), or duplicate the password entirely COCONUT69?COCONUT69? . If you have not yet, I would try out these options. All of these an much more can be achieved using rules, see description below See rules description https://hashcat.net/wiki/doku.php?id=rule_based_attack On more thing, rockyou includes prefixes and suffixes from users. Perhaps try removing prefixes and suffixes by dropping all digits and special character, sorting and filtering on uniq. Then use that list in combination with you suffix and perhaps with additional toggle rules. Good chance you hit the password with that. Good luck. |