1st: Install Office2_John
To get started hacking, we'll need to download the tool GitHub since office2john is not included in the standard version of John the Ripper (which should already be installed in your Kali system). This can easily be accomplished with wget.
install wget https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/office2john.py
https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/office2john.py Resolving raw.githubusercontent.com (raw.githubusercontent.com). 126.96.36.199 Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|188.8.131.52|:443. connected. HTTP request sent, awaiting response. 200 OK Length: 131690 (129K) Saving to: ‘office2john.py’ office2_john.py 100% 128.60K -.-KB/s in 0.09s 2019-02-05 14:34:46 (1.45 MB/s) - ‘office2john.py’ saved [131690/131690]
2st: Make Sure Everything's in Same Directory
In order to run office2_john with Python, we will need to change into the same directory that it was installed into. For most of you, this will be Home by default (just press enter cd), but feel free to create a separate directory.
Next, we need an appropriate file to test this on. I am using a simple text file named "dummy.docx" that I created & password-protected with Word 2007. Download it to follow along. The password is "password123" as you'll find out. You can also download documents made with Word 2010 & Word 2016 (that shows up as 2013) to use for more examples. Passwords for those are also "password123."
3: Extract the Hash with Office2_john
The first thing we need to do is extract the # of our password-protected Office file. Run the following command and pipe the output into "hash.txt" for later use.
python office2john.py dummy.docx > hash.txtverify that the hash was extracted successfully, use the cat command. We can see that the hash I saved corresponds to Microsoft Office 2007. Neat.
4: Crack the Hash You Just Saved
Like already mentioned, we'll be showing you two ways to crack the hash you just saved from the password-protected Microsoft Office file. Both methods work great, so it's really up to preference.
আমি অলিদুর রহমান। বিশ্বের সর্ববৃহৎ বিজ্ঞান ও প্রযুক্তির সৌশল নেটওয়ার্ক - টেকটিউনস এ আমি 4 মাস 1 সপ্তাহ যাবৎ যুক্ত আছি। টেকটিউনস আমি এ পর্যন্ত 30 টি টিউন ও 4 টি টিউমেন্ট করেছি। টেকটিউনসে আমার 1 ফলোয়ার আছে এবং আমি টেকটিউনসে 3 টিউনারকে ফলো করি।
My name is Olidur Rahman, I love technology, Stay tuned with us to know more about Mobile and Computer, tips and tricks should you know because This is technology time and this is my website: http://www.techadvancefree.com/