02-07-2017, 01:06 PM
I was recently checking how Hashcat is working with encrypted Office files.
I have generated two docx files (one with Office 2010, and second 2016) with encryption and simple password - ąąą - three polish special letters represented in unicode as U+0105.
What I've tried so far:
1. Brutforce by default settings - Exhausted
2. Bruteforce with charset and mask ?1?1?1
2.1 Tried evry polish charset in HC packet - Exhausted
2.2 Generated .txt (saved as .hcchr) files using notepad++ with every possible encoding (ANSI, UTF-8 wo BOM, UTF-8, UCS-2 Big Endian; USC-2 Little Endian) -Exhausted
2.3 Generated .txt (then saved as .hcchr in N++) using WORD with specified encoding (unicode, UTF-8, UTF-7) - Exhausted
My command
hashcat64.exe -a 3 -m 9500 -w 3 $office$*2010*100000*128*16*[..] --powertune-enable -o found-[..].txt -4 C:\[..]\hashcat-3.20\hashcat-3.20\charsets\<<charsetfile>> ?4?4?4
I cannot figure out what im missing. Any ideas?
Thanks in advance.
I have generated two docx files (one with Office 2010, and second 2016) with encryption and simple password - ąąą - three polish special letters represented in unicode as U+0105.
What I've tried so far:
1. Brutforce by default settings - Exhausted
2. Bruteforce with charset and mask ?1?1?1
2.1 Tried evry polish charset in HC packet - Exhausted
2.2 Generated .txt (saved as .hcchr) files using notepad++ with every possible encoding (ANSI, UTF-8 wo BOM, UTF-8, UCS-2 Big Endian; USC-2 Little Endian) -Exhausted
2.3 Generated .txt (then saved as .hcchr in N++) using WORD with specified encoding (unicode, UTF-8, UTF-7) - Exhausted
My command
hashcat64.exe -a 3 -m 9500 -w 3 $office$*2010*100000*128*16*[..] --powertune-enable -o found-[..].txt -4 C:\[..]\hashcat-3.20\hashcat-3.20\charsets\<<charsetfile>> ?4?4?4
I cannot figure out what im missing. Any ideas?
Thanks in advance.