RC4 attack for 40bit Word 97-2003
#1
Hey guys,
im trying to open a password protected word file which uses the old 40bit key to encrypt. 
I used https://hashc.co.uk/office2john because im a computer noob and was to lazy to run a Python Script. I received the following header:
$oldoffice$1*fullresultfromoffice2john

It also recommended Mode 9700 (However i read that mode 9710 is faster as far as i understood). I ran:
"hashcat64.exe -m 9710 $oldoffice$1*fullresultfromoffice2john -a 3 ?b?b?b?b?b -w 3 --potfile-disable" on my windows 7 machine. 

It reached 100% with 0/1 recovered. I tried it on my main device with a 660ti which was super slow (10000kH/s or less, even my laptop is faster, but thats not my problem) and is now @95% progress with no results yet. Tried a mates devide with a 7970 next and it reached 100% with no results in both modes (9700/9710). Am I doing anything wrong? Any suggestions? 
I only need a short answer with correct command in case mine is wrong, im really unexperienced with hashcat. 
Thanks in advance guys!
EDIT: Potential noob mistake: On the 7970 machine i interrupted the 9700 attempt by accident at 60% and restarted it with --skip (just changed the value until i started from 58%), as far as i understood the brute force attack there should be no problem because its only guessing through the whole key space anyway, but hey, as mentioned above im a total noob Big Grin


Messages In This Thread
RC4 attack for 40bit Word 97-2003 - by janmaier27 - 11-15-2017, 10:05 PM
RE: RC4 attack for 40bit Word 97-2003 - by Jiminy - 11-15-2017, 10:48 PM