Paid Rules Assistance?
#1
Question 
Hello,

Hashcat looks to be a great utility.  With it I hope to be able to recover my buddy's will after he lost the password in a cellular phone (single point of) failure.  It saves retyping dozens of pages of information.

The current goal is to recover the password that is partially known.  It is a combination of three words in pseudo-1337 (i/1, e/@ and o/0).  Can Hashcat be set to combinator with three or more dictionaries?  I am aware of the technical documentation here: https://hashcat.net/wiki/doku.php?id=rule_based_attack .


I understand there are paid utilities to decrypt the files (Office 2007 spreadsheet and word documents).  Due to the sensitive nature of the material, sharing the files is not desirable.  Failing deciphering the rules document (a daunting task), will someone assist with or minimally point to a means to design a rules file for compensation?

T. I. A.

silekonn
#2
This seems like quite the challenge for recovery; lots of keyspace builds up very quickly when doing combo3 with rules. Are you certain of the type of document? The earlier document versions can be collided and decrypted with little effort, even without knowing the password. 2007 and up, though, require actually cracking the password, sadly.

Given the nature of the documents and password information, it may be easier or at least more comfortable to have this discussion in private. PM me and I can help you get set up.
#3
I am aware of the "password" scheme used on 2003 and earlier. I have the documents; I assisted editing and revising them after a lawyer wrote the originals. I am certain they are Office 2007. The dictionary is only a dozen items or less long. The tricky part is the two or three substitutions, e for @ and et cetera. Is combo3 a reality?
#4
Yes, Combinator3 is actually a tool we distribute in the hashcat-utils. It will still be a bit of a hefty task if you start applying rules to them, but it is, from a technical standpoint, pretty easy to set up.
#5
Chick3nman,

I private messaged you a week or two ago. Please contact me if you have time. If anyone else sees this and has the wits, I will compensate if necessary. Any assistance is appreciated.

Thank you.
#6
Combining 3 dicts is essentially the same as combining 2 dicts and "adding" the dict again (1+1+1 = (1+1)+1 = 3).

You could use combinator3.bin from hashcat-utils (https://hashcat.net/wiki/doku.php?id=has...ombinator3 , https://github.com/hashcat/hashcat-utils , https://github.com/hashcat/hashcat-utils/releases).

You could also (as mentioned) combine just 2 dicts (as a pre-computation step and save it to disk) and use -a 1 (combinator attack) to "add" the second combination.

If the total number of words is small (even if combined 3 times, n * n * n == n^3), the best approach could be to pre-compute this large dict already to be able to use -a 0 together with -r in hashcat (there are alternatives with --stdout/pipe/stdin etc. if the total combination is too large, but you still need to use rule files with -r).

The rules could look something like this (see https://hashcat.net/wiki/doku.php?id=rule_based_attack):
Code:
:
si1
se@
so0

si1 se@
si1 so0
se@ so0

si1 se@ so0

There are also other examples of leet rules in hashcat's rule folder:
rules/Incisive-leetspeak.rule (https://github.com/hashcat/hashcat/blob/...speak.rule)
rules/leetspeak.rule (https://github.com/hashcat/hashcat/blob/...speak.rule)
rules/unix-ninja-leetspeak.rule (https://github.com/hashcat/hashcat/blob/...speak.rule)

But of course these are much more advanced rules and might be too many rules depending on how large your word list already is, etc. Furthermore, several rule files, for instance, do not have the "se@" rule (actually this is quite uncommon; normally you would replace "a" with "@", if at all), so maybe a custom rule file could be best if you know exactly what needs to be replaced.
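The pre-compute-then-rules procedure from post #6, as an added example that is not part of the original post or of hashcat: it builds the same eight rule lines as every subset of the three substitutions, emulates only the `:` and `sXY` rule functions, and counts the resulting candidates. All function names are hypothetical and the sample words are constructed, not taken from the thread.

```python
from itertools import combinations, product

# Substitutions named in the thread: i->1, e->@, o->0.
SUBS = [("i", "1"), ("e", "@"), ("o", "0")]
# Constructed sample words, not from the thread.
SAMPLE_WORDS = ["mike", "rose", "tom"]


def leet_rules(subs=SUBS):
    """One rule line per subset of the substitutions; ':' is the empty subset."""
    rules = []
    for k in range(len(subs) + 1):
        for combo in combinations(subs, k):
            rules.append(" ".join(f"s{a}{b}" for a, b in combo) or ":")
    return rules


def apply_rule(rule, word):
    """Emulate only ':' (no-op) and 'sXY' (replace every X with Y)."""
    for fn in rule.split():
        if fn == ":":
            continue
        if len(fn) != 3 or fn[0] != "s":
            raise ValueError(f"unsupported rule function: {fn!r}")
        word = word.replace(fn[1], fn[2])
    return word


def combine3(words):
    """All ordered three-word concatenations (n**3 entries)."""
    return ["".join(t) for t in product(words, repeat=3)]


def keyspace(n_words, subs=SUBS):
    """Candidates tried: n**3 base words times the number of rules."""
    return n_words ** 3 * len(leet_rules(subs))


def candidates(words, subs=SUBS):
    """Distinct candidates after applying every rule to every combination."""
    rules = leet_rules(subs)
    return {apply_rule(r, w) for w in combine3(words) for r in rules}


if __name__ == "__main__":
    print("\n".join(leet_rules()))
    print("keyspace for 12 words:", keyspace(12))
    print("distinct for sample:", len(candidates(SAMPLE_WORDS)))
```

Because `sXY` replaces every occurrence of X, a password in which only some of the e's were swapped is not produced by this rule set. For a dozen words the whole keyspace is 12^3 * 8 = 13,824 candidates.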
#7
The combinator may not be the solution.  What is needed is three names combined with the special characters there or not there.  For that, rules are the solution.  I am a student and, Spring Break aside, I do not have the time to learn rules file creation.  Does anyone know a service to crack the file (by hash)?
#8
You can try your luck on the hashkiller.co.uk forums.
#9
(03-08-2020, 02:49 PM)undeath Wrote: you can try your luck on the hashkiller.co.uk forums.
The website does not appear to be functional?
#10
(04-12-2020, 07:57 AM)silekonn Wrote:
(03-08-2020, 02:49 PM)undeath Wrote: you can try your luck on the hashkiller.co.uk forums.
The website does not appear to be functional?
There was a change of ownership at the end of the year.
Forum can be accessed here: https://forum.hashkiller.io
Escrow system: https://hashes.com