Now, under "run" you can also find a python script, office2john.py: you can use it for extract the hash from the encrypted XLSX file: If everything goes well, the executables for John and its related utilities will be created under "./run/". The correct way is to extract the password hash from the file and then cracking it using John The Ripper.įor this purpose, you need to get a ' jumbo' build of John The Ripper, that supports Office files cracking. The encryption algorithm of encrypted Microsoft Excel files is 40bit RC4.Īs it is encrypted nothing could be tweaked by opening the document with a hex editor. I did it,and now i'd like to share workflow for XLSX cracking. Obviously, the file was password protected, and I had to find a way to read it. Recently, during a forensic analysis on a laptop of an employee charged with corporate espionage, I've carved from disk a suspicious Excel file.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |