Colliding password protected MS office 97-2003 documents
#10
Another thing what I've just added, but only for the 9720 kernels, is that those hashes never get marked as "cracked" internally in oclHashcat. That means a matching password will be displayed or stored to outfile as normal, but afterwards oclHashcat can crack it again in case another candidate matches.

This behavior is very unique to this hashmode. If you use this mode, you usually want to know all of the regular password that collide with the document password. I let it run for 20 minutes using the original document linked above. Here's a list of collisions that all do match each other, it's really funny to watch that:
  • hashcat
  • zvDtu!
  • xPWl?:
  • bE>4Eb
  • WURSTSALAT7745
  • rhUrho2020

--
atom


Messages In This Thread
RE: Colliding password protected MS office 97-2003 documents - by atom - 09-10-2014, 05:13 PM