Microsoft Office files can be password protected to prevent tampering and ensure data integrity. But password-protected documents from earlier versions of Office are susceptible to having their hashs extracted with a simple program called office2john. The extracted hashs can then be cracked by John the Ripper and Hashcat.
Extracting of hash from a password-protected Microsoft Office file takes just seconds with the office2john tool. While the encryption standard of various Office products fluctuated over the years, none of them can stand up for office2john's hash-stealing abilities.
This tool is written in Python and can be run directly from the terminal. Regarding Office compatibility, it is known to work on any password-protected Word, Excel, PowerPoint, OneNote, Project, Access, and Outlook file created with Office 97, Office 2000, Office XP, Office 2003, Office 2007, Office 2010, and Office 2013, including Office for Mac versions. It can't work on new versions of Office, but we saved a DOCX in Office 2016 that was labeled Office 2013.
Step 1: Install Office2John
To get started, we need to download the tool from GitHub office2john is not included in the standard version of John the Ripper (already to be installed in your Kali system). This can easily be done with wget .
--2019-02- 05 14: 34: 45-- https: // raw. githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/office2john.py Solution raw.githubusercontent.com (raw.githubusercontent.com) ... 22.214.171.124 Connect to raw.githubusercontent.com (raw.githubusercontent.com) | 126.96.36.199 |: 443 ... connected. HTTP request sent, waiting for reply ... 200 OK Length: 131690 (129K) [text/plain] Save to: & # 39; office2john.py & # 39; office2john.py 100% [=======================================================================>] 128.60K - .- KB / s in 0.09s 2019-02-05 14:34:46 (1.45 MB / s) - & # 39; office2john.py & # 39; saved [131690/131690]
Step 2: Make sure everything is in the same directory
To be able to run office2john with Python, we have to switch to the same directory in which it was installed. For most of you, this is home by default (just enter cd ), but please create a separate directory.
Next, we need an appropriate file to test this. I use a simple DOCX file named "dummy.docx" that I created and password protected with Word 2007. Download it to follow. The password is "password123" that you find out. You can also download documents made with Word 2010 and Word 2016 (shown as 2013) to use for more examples. Passwords for them are also "password123."
Step 3: Download Hash with Office2john
The first thing we need to do is to extract the hash of our password-protected Office file. Run the following command and touch the output to "hash.txt" for later use.
python office2john.py dummy.docx> hash.txt
To verify that the hash was extracted, use the cat command. We can see that the hash I saved corresponds to Microsoft Office 2007. : Crack what you just saved
As we already mentioned, we show you two ways to crack the hash that you just saved from the password-protected Microsoft Office file. Both methods work well, so it is really high to prefer.
Enter – wordlist flag with the location of your favorite glossary. The one included in Nmap will do for our purposes here, but for harder passwords you might want to go with a more comprehensive dictionary.
john --wordlist = / usr / share / wordlists / nmap .lst hash.txt
Use default input encoding: UTF-8 Loaded 1 password speed (Office, 2007/2010/2013 [SHA1 128/128 SSE2 4x / SHA512 128/128 SSE2 2x AES]) Cost 1 (MS Office version) is 2007 for all loaded hashes Cost 2 (iteration bill) is 50,000 for all loaded hashes Will run 4 OpenMP threads Press "q" or Ctrl-C to cancel, almost any other status key
John will start to crack, and depending on the password complexity, it will be completed when a match is found. Press almost any button to display the current status. When isch is cracked, a message will appear on the screen with the document's password: Because our password was quite simple, it just took seconds to crack it.
password123 (dummy.docx) 1g 0: 00: 00: 03 GÅTT (2019-02-05 15:00) 0.2824g / s 415.8p / s 415.8c / s 415.8C / s lacoste ..kolvdude Use the "- show" option to reliably show all the cracked passers The session ended
We can also use the option – view to view it like this:
john --show hash.txt
dummy.docx: password123 1 password hash cracked, 0 left
Now that we know a method to crack a password-protected Microsoft Office file, let's look at another path with the powerful Hashcat tool.
We can start by showing the help menu ( – help ) for Hashcat. This gives us a wealth of information, including usage options, hash modes and other features. There are lots of information here, so I won't show the production, but you should pop into it if you really want to know Hashcat.
From the production, we are only interested in MS Office hash modes. At the bottom of the help menu, we find the options MS Office mode and their corresponding number. We know from our hash that this is an Office 2007 file, so find its number ID on 9400 .
9700 | MS Office <= 2003 $ 0 / $ 1, MD5 + RC4 | Document 9710 | MS Office <= 2003 $ 0 / $ 1, MD5 + RC4, collider # 1 Document 9720 | MS Office <= 2003 $ 0 / $ 1, MD5 + RC4, collider # 2 | Document 9800 | MS Office <= 2003 $ 3 / $ 4, SHA1 + RC4 | Document 9810 | MS Office <= 2003 $ 3, SHA1 + RC4, collider # 1 | Document 9820 | MS Office <= 2003 $ 3, SHA1 + RC4, collider # 2 | Document 9400 | MS Office 2007 | Document 9500 | MS Office 2010 | Document 9600 | MS Office 2013 | Document
Now we can set the rest of our options with the following command.
hashcat -a 0 -m 9400 - username -sprickad_pass.txt hash.txt /usr/share/wordlists/nmap.lst  The flag -a indicates the type of attack as the default straight mode on 0 .
The -m flag indicates the mode we want to use The - username option ignores any usernames in the hash file. We can specify the output file as cracked.txt with -o flag. And finally, we can forward hash.txt which contains the hash and put a glossary just as we did before.
Hashcat will then start to crack.
hashcat (v5.1.0) starts ... * Device # 2: Not a built-in Intel OpenCL runtime. Expect massive speed loss. You can use - force to override, but do not report related errors. OpenCL Platform # 1: Intel (R) Corporation ======================================== * Unit # 1: Intel (R) Core (TM) i5 CPU M 480 @ 2.67 GHz, 934/3736 MB Distributable, 4MCU ...
After some time has passed, the status is shown as cracked and we are ready to see the password.
Session ..........: hashcat Status ...........: Cracked Hash.Type ........: MS Office 2007 Hash.Target ......: $ office $ * 2007 * 20 * 128 * 16 * a7c7a4eadc2d90fb22c073c6324 ... 2b6870 Time.Started .....: Tue Feb 5 15:08:00 2019 (4 seconds) Time.Estimated ...: Tue Feb 5 15:08:04 2019 (0 sec) Guess.Base .......: File (/usr/share/wordlists/nmap.lst) Guess.Queue ......: 1/1 (100.00%) Speed. # 1 .........: 610 H / s (8.51ms) @ Accel: 512 Tracks: 128 Thr: 1 Vec: 4 Restored ........: 1/1 (100.00%) Digest, 1/1 (100.00%) Salts Progress ...: 2048/5084 (40.28%) Rejected .........: 0/2048 (0.00%) Reset.Point ....: 0/5084 (0.00%) Restore.Sub. # 1 ...: Salt: 0 Amplifier: 0-1 Iteration: 49920-50000 Candidates. # 1 ....: #! Comment: *********************** IMPORTANT NMAP LICENSE TERMS ********** ************ ** -> Princess Started: Tue Feb 5 15:07:50 2019 Stopped: Tue Feb 5 15:08:05 2019
Simply cat issued the specified output file, and it will display the ice with the plaintext password stuck at the end. ! Now we know two methods of cracking the hock after removing it from a password-protected Microsoft Office file with office2john.
How to Defend Against Cracks
As for password cracking of any kind, the best defense technique is to use best practices for passwords. This means that you use unique passwords that are long and not easy to guess. It helps to use a combination of upper and lower case letters, numbers and symbols, although new research has shown that it is only superior to use long, high entropy phrases. Even better are long, randomly generated passwords that make them almost impossible.
As for this specific attack, Microsoft Office 2016 or 2019 documents or later may not work, because office2john is designed to work on earlier versions of Office. But as you can see above, Office 2016 can very well spit out a 2013 document without the user even knowing, so that does not mean that a "new" file cannot be cracked. In addition, there are still many older Microsoft Office documents floating around there, and some organizations continue to use these older versions, making this attack still very feasible today.
Today, we learned that password-protected Microsoft Office files are not as safe as one would lead to believe. We used a tool called office2john to extract the hash of a DOCX file and then cracked the hash using John the Ripper and Hashcat. These types of files are still commonly used today, so if you encounter someone who has a password on it, it was easy to know that there is a way to crack it.