hashcat Forum
Help Please - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: General Help (https://hashcat.net/forum/forum-8.html)
+--- Thread: Help Please (/thread-5537.html)



Help Please - mearlski - 06-22-2016

HI. Im very very new to this so please forgive the very basic request. Ive been "learning" this for around 2 days with no real background in hacking/cracking etc.

Ive made a word document and password protected it - the password is "mike" (nice and simple)

Now I want to learn hop to get hashcat to find the password. I have got the latest version installed and have put the DOC file through QuickHash to generate a hash of the file

I then used youtube (sorry but I needed to start somewhere) to come up with the following - it uses wordlists which appear to be doing the job but my GPU is not being utitlised enough (reported from HASHCAT)

This is the command Im using

cudahashcat64.exe -m 100 -a 3 -o --output-file=cracked.txt --remove hash.txt wordlists/HASHKILLER.TXT

I dont know if its correct or not but Id love to get it running a bruteforce without worldists and using the charactersets

Sorry if this is totally basic but Im struggling a little

Windows PC - 960GTX GPU


RE: Help Please - rico - 06-22-2016

Well for a start -m 100 is SHA1. Shouldn't you be using the appropriate Office mode, 9400/9500/9600 as appropriate?

"I don't know if its correct or not" - Did you flippin' well try?


RE: Help Please - FlippingGerman - 06-22-2016

Read the docs:
cudaHashcat64.exe --help

Note: -o --outfile is wrong; choose either "-o" or "--outfile" followed by your output file. Most CLI programs give you a choice over short arguments or longer meaningful ones. 

Read this, all of it: https://hashcat.net/wiki/doku.php?id=frequently_asked_questions
and follow links from there if you don't understand something. Most of the time you can take an example command and change relevant bits. 

As rico said, use the appropriate Office mode (see the docs). Your command will look something like: 
cudaHashcat64.exe -a 3 -m 9500 -o C:\outputfile C:\hash.txt

That'll run a bruteforce using the default masks; change the paths as appropriate.


RE: Help Please - kiara - 06-22-2016

first u need to get the hash of the DOC file
u can do it with office2john
here the script https://raw.githubusercontent.com/magnumripper/JohnTheRipper/unstable-jumbo/run/office2john.py

after that u got the hash of ur doc file u need to select what kind of attack u want to use, their is 9 atacks on office docs
9700 = MS Office <= 2003 MD5 + RC4, oldoffice$0, oldoffice$1
9710 = MS Office <= 2003 MD5 + RC4, collider-mode #1
9720 = MS Office <= 2003 MD5 + RC4, collider-mode #2
9800 = MS Office <= 2003 SHA1 + RC4, oldoffice$3, oldoffice$4
9810 = MS Office <= 2003 SHA1 + RC4, collider-mode #1
9820 = MS Office <= 2003 SHA1 + RC4, collider-mode #2
9400 = MS Office 2007
9500 = MS Office 2010
9600 = MS Office 2013

if ur doc file is from an office 2007 ur hash should start with $office$*2007*
put ur hash into a file
and start cracking the hash
cudahashcat64.exe -m 9400 -a 3 ?l?l?l?l C:\hashfile.txt -o C:\crackedoutputfile.txt

-m is for type of attack (9400 for office2007)
-a how do u want to crack the hash (3 is bruteforce mode)
?l mean low characters, u could change it as ?a?a?a?a (?a is all, >u is upper case, and so on..)

u should read abit , everything is there https://hashcat.net/wiki/


RE: Help Please - mearlski - 06-22-2016

Thank you all very much for your assistance. I appreciate I should "read a bit" but help from a direct question can often provide confirmation that Im doing it right

"Did you flippin' well try?" of course I did. This is why Im asking on a forum - a place where I was hoping to get assistance. Thankfully I have....

Thanks again for all the assistance. Ill be cracking this out tomorrow.