Hi, I'm working on a Office 2013 file and I'm pretty sure I have the correct password in my dictionary, but after hours spent cracking I get no results. So I did a pretty simple test: I created a Word document, applied the procedure to encrypt it with passpass as password, extracted the hash with office2hashcat (or office2john is the same) and tried:
- a simple wordlist of 10 password, containing also passpass
- a bruteforce session for passpas?l
Both end with no success, even if the password is there for sure.
Using 5.10 on Win as:
hashcat64.exe -a 0 -m 9600 \Work\test.hsh \Work\test.txt
or
hashcat64.exe -a 3 -m 9600 \Work\test.hsh passpas?l
The hash was obtained as:
$office$*2013*100000*256*16*8b35c1c9d47628bcd8e6fd3225c7a816*56f7f0f311080fe61fef145f14072971*221e2a3a0957a92021da211700d3ea44ca7759f9f1b1e56c2acc7ea308ea52f4
I think I'm doing somethign horribly wrong, but can't find what it is. Anyone who can help me?
Thanks
- a simple wordlist of 10 password, containing also passpass
- a bruteforce session for passpas?l
Both end with no success, even if the password is there for sure.
Using 5.10 on Win as:
hashcat64.exe -a 0 -m 9600 \Work\test.hsh \Work\test.txt
or
hashcat64.exe -a 3 -m 9600 \Work\test.hsh passpas?l
The hash was obtained as:
$office$*2013*100000*256*16*8b35c1c9d47628bcd8e6fd3225c7a816*56f7f0f311080fe61fef145f14072971*221e2a3a0957a92021da211700d3ea44ca7759f9f1b1e56c2acc7ea308ea52f4
I think I'm doing somethign horribly wrong, but can't find what it is. Anyone who can help me?
Thanks