If everything goes well, the executables for John and its related utilities will be created under “./run/”. Then compile the sources: $ cd JohnTheRipper/src The correct way is to extract the password hash from the file and then cracking it using John The Ripper.įor this purpose, you need to get a ‘ jumbo’ build of John The Ripper, that supports Office files cracking.įirst, clone the git repository: $ git clone The encryption algorithm of encrypted Microsoft Excel files is 40bit RC4.Īs it is encrypted nothing could be tweaked by opening the document with a hex editor. I did it,and now i’d like to share workflow for XLSX cracking. Obviously, the file was password protected, and I had to find a way to read it. Recently, during a forensic analysis on a laptop of an employee charged with corporate espionage, I’ve carved from disk a suspicious Excel file.
0 Comments
Leave a Reply. |