01-28-2024, 10:18 PM
Hi all,
for a relative I want to crack a password from an important Excel 2013 file.
Hash was extracted with John.
Relative gave me a bunch of passwords what it could be, so I put all of those in a wordlist with diff combinations but no luck so I am thinking of Bruteforcing/masking it. It did find a false positive but that password didn't work.
The password consists of a text (only all lower case or only all upper case , or first letter upper case rest lower case) with a suffix that seems to be returning.
Suffix can be : ! ? . @ 0387 0387! 387 387! 387? 0387? 04 04! 04? 1987 1987? 1987! 2020 2020! 2020? 2021 2021! 2021? 2022 2022! 2022? 2023 2023! 2023? 2024 2024! 2024? 4694 4694? 4694! 69 69! 69? 87 87! 87? 05 05! 05? 06 06? 06! 07 07! 07? 08 08? 08! 09 09? 09! 10 10? 10!
A full password could be Coconut0387! COCONUT0387! coconut0387!
From her list the maximum text password (without suffix) is 10 characters. But the full text password could as well be just 3-4 + adding suffix.
What command would hashcat need to crack this pw? Not taking into consideration how many years it would take.
I feel a bit lost here.
Thank you very much for your input.
for a relative I want to crack a password from an important Excel 2013 file.
Hash was extracted with John.
Relative gave me a bunch of passwords what it could be, so I put all of those in a wordlist with diff combinations but no luck so I am thinking of Bruteforcing/masking it. It did find a false positive but that password didn't work.
The password consists of a text (only all lower case or only all upper case , or first letter upper case rest lower case) with a suffix that seems to be returning.
Suffix can be : ! ? . @ 0387 0387! 387 387! 387? 0387? 04 04! 04? 1987 1987? 1987! 2020 2020! 2020? 2021 2021! 2021? 2022 2022! 2022? 2023 2023! 2023? 2024 2024! 2024? 4694 4694? 4694! 69 69! 69? 87 87! 87? 05 05! 05? 06 06? 06! 07 07! 07? 08 08? 08! 09 09? 09! 10 10? 10!
A full password could be Coconut0387! COCONUT0387! coconut0387!
From her list the maximum text password (without suffix) is 10 characters. But the full text password could as well be just 3-4 + adding suffix.
What command would hashcat need to crack this pw? Not taking into consideration how many years it would take.
I feel a bit lost here.
Thank you very much for your input.