Posts: 3
Threads: 1
Joined: Sep 2024
09-01-2024, 06:17 AM
(This post was last modified: 09-01-2024, 06:18 AM by GranolaClover15.)
Hello! New here!, I lost my password for my dream journal Onenote Protected Section, I do remember though I used dumb common password.
I extracted to what seems like sections of what look like hash of the section but I don't know how to format it into format that hashcat can use can someone helped me format these? Thanks!
Code:
<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate"><keyData saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="q/1sFWbCyoiitwts/9q4UQ==" /><keyEncryptors><keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password"><p:encryptedKey spinCount="100000" saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="L7V4zQP7/eAXYSSSPIE6+A==" encryptedVerifierHashInput="msZT/YGku6DRSO5kgZ/N8w==" encryptedVerifierHashValue="D5wx0qRR7Qb579D8TmVnKjk+3hfIEDfIq6lVZgZqpypNYgRE9JCXyj34zoSvNZEK/9gnLQC2rbpxl1eTAW9xwQ==" encryptedKeyValue="kat0pRF/fTqKt9rF+gK9AAYDVf9K5Tv+DT/t6FwnkOs=" /></keyEncryptor></keyEncryptors></encryption>
Code:
<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate"><keyData saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="q/1sFWbCyoiitwts/9q4UQ==" /><keyEncryptors><keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password"><p:encryptedKey spinCount="100000" saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="L7V4zQP7/eAXYSSSPIE6+A==" encryptedVerifierHashInput="msZT/YGku6DRSO5kgZ/N8w==" encryptedVerifierHashValue="D5wx0qRR7Qb579D8TmVnKjk+3hfIEDfIq6lVZgZqpypNYgRE9JCXyj34zoSvNZEK/9gnLQC2rbpxl1eTAW9xwQ==" encryptedKeyValue="kat0pRF/fTqKt9rF+gK9AAYDVf9K5Tv+DT/t6FwnkOs=" /></keyEncryptor></keyEncryptors></encryption>
Posts: 888
Threads: 15
Joined: Sep 2017
09-03-2024, 02:54 PM
(This post was last modified: 09-03-2024, 02:55 PM by Snoopy.)
(09-01-2024, 06:17 AM)GranolaClover15 Wrote: Hello! New here!, I lost my password for my dream journal Onenote Protected Section, I do remember though I used dumb common password.
I extracted to what seems like sections of what look like hash of the section but I don't know how to format it into format that hashcat can use can someone helped me format these? Thanks!
Code:
<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate"><keyData saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="q/1sFWbCyoiitwts/9q4UQ==" /><keyEncryptors><keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password"><p:encryptedKey spinCount="100000" saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="L7V4zQP7/eAXYSSSPIE6+A==" encryptedVerifierHashInput="msZT/YGku6DRSO5kgZ/N8w==" encryptedVerifierHashValue="D5wx0qRR7Qb579D8TmVnKjk+3hfIEDfIq6lVZgZqpypNYgRE9JCXyj34zoSvNZEK/9gnLQC2rbpxl1eTAW9xwQ==" encryptedKeyValue="kat0pRF/fTqKt9rF+gK9AAYDVf9K5Tv+DT/t6FwnkOs=" /></keyEncryptor></keyEncryptors></encryption>
Code:
<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate"><keyData saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="q/1sFWbCyoiitwts/9q4UQ==" /><keyEncryptors><keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password"><p:encryptedKey spinCount="100000" saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="L7V4zQP7/eAXYSSSPIE6+A==" encryptedVerifierHashInput="msZT/YGku6DRSO5kgZ/N8w==" encryptedVerifierHashValue="D5wx0qRR7Qb579D8TmVnKjk+3hfIEDfIq6lVZgZqpypNYgRE9JCXyj34zoSvNZEK/9gnLQC2rbpxl1eTAW9xwQ==" encryptedKeyValue="kat0pRF/fTqKt9rF+gK9AAYDVf9K5Tv+DT/t6FwnkOs=" /></keyEncryptor></keyEncryptors></encryption>
just take a look at john the ripper (jtr) and its tools, in this case office2john (python or exe, sometimes there are boot variants, depending on your system)
jtr and hashcat using the same hashstyle conventions, so they are basically full compatible, jtr sometime adds more infos which are unnecessary, just take a look at
https://hashcat.net/wiki/doku.php?id=example_hashes to see what infos are needed
most times jtr adds filenames at the end or beginning, just strip these infos
Posts: 3
Threads: 1
Joined: Sep 2024
(09-03-2024, 02:54 PM)Snoopy Wrote: (09-01-2024, 06:17 AM)GranolaClover15 Wrote: Hello! New here!, I lost my password for my dream journal Onenote Protected Section, I do remember though I used dumb common password.
I extracted to what seems like sections of what look like hash of the section but I don't know how to format it into format that hashcat can use can someone helped me format these? Thanks!
Code:
<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate"><keyData saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="q/1sFWbCyoiitwts/9q4UQ==" /><keyEncryptors><keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password"><p:encryptedKey spinCount="100000" saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="L7V4zQP7/eAXYSSSPIE6+A==" encryptedVerifierHashInput="msZT/YGku6DRSO5kgZ/N8w==" encryptedVerifierHashValue="D5wx0qRR7Qb579D8TmVnKjk+3hfIEDfIq6lVZgZqpypNYgRE9JCXyj34zoSvNZEK/9gnLQC2rbpxl1eTAW9xwQ==" encryptedKeyValue="kat0pRF/fTqKt9rF+gK9AAYDVf9K5Tv+DT/t6FwnkOs=" /></keyEncryptor></keyEncryptors></encryption>
Code:
<encryption xmlns="http://schemas.microsoft.com/office/2006/encryption" xmlns:p="http://schemas.microsoft.com/office/2006/keyEncryptor/password" xmlns:c="http://schemas.microsoft.com/office/2006/keyEncryptor/certificate"><keyData saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="q/1sFWbCyoiitwts/9q4UQ==" /><keyEncryptors><keyEncryptor uri="http://schemas.microsoft.com/office/2006/keyEncryptor/password"><p:encryptedKey spinCount="100000" saltSize="16" blockSize="16" keyBits="256" hashSize="64" cipherAlgorithm="AES" cipherChaining="ChainingModeCBC" hashAlgorithm="SHA512" saltValue="L7V4zQP7/eAXYSSSPIE6+A==" encryptedVerifierHashInput="msZT/YGku6DRSO5kgZ/N8w==" encryptedVerifierHashValue="D5wx0qRR7Qb579D8TmVnKjk+3hfIEDfIq6lVZgZqpypNYgRE9JCXyj34zoSvNZEK/9gnLQC2rbpxl1eTAW9xwQ==" encryptedKeyValue="kat0pRF/fTqKt9rF+gK9AAYDVf9K5Tv+DT/t6FwnkOs=" /></keyEncryptor></keyEncryptors></encryption>
just take a look at john the ripper (jtr) and its tools, in this case office2john (python or exe, sometimes there are boot variants, depending on your system)
jtr and hashcat using the same hashstyle conventions, so they are basically full compatible, jtr sometime adds more infos which are unnecessary, just take a look at https://hashcat.net/wiki/doku.php?id=example_hashes to see what infos are needed
most times jtr adds filenames at the end or beginning, just strip these infos
Thank you for the reply! I seems to having issues cracking -m 9600 on my RX 580, when i try to crack the test example hash I'm get OpenCL kernel self test failed any clue what causing these? I already tried installing HIP SDK and using beta version of hashcat but still no luck
Code:
./hashcat.exe -m 9600 -o cracked.txt hash.txt test.txt
hashcat (v6.2.6) starting
hiprtcCompileProgram is missing from HIPRTC shared library.
OpenCL API (OpenCL 2.1 AMD-APP (3584.0)) - Platform #1 [Advanced Micro Devices, Inc.]
=====================================================================================
* Device #1: Radeon RX 580 Series, 8064/8192 MB (6745 MB allocatable), 36MCU
Minimum password length supported by kernel: 0
Maximum password length supported by kernel: 256
Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Rules: 1
Optimizers applied:
* Zero-Byte
* Single-Hash
* Single-Salt
* Slow-Hash-SIMD-LOOP
* Uses-64-Bit
Watchdog: Temperature abort trigger set to 90c
Host memory required for this attack: 281 MB
* Device #1: ATTENTION! OpenCL kernel self-test failed.
Your device driver installation is probably broken.
See also: https://hashcat.net/faq/wrongdriver
Aborting session due to kernel self-test failure.
You can use --self-test-disable to override, but do not report related errors.
Started: Wed Sep 04 13:47:28 2024
Stopped: Wed Sep 04 13:47:36 2024
Posts: 3
Threads: 1
Joined: Sep 2024
I Cracked the hash with john the ripper thankfully it was really simple password so its not take that long on CPU, Thanks for your help!