Forums
Main Category
General (Technical,...
Password breaker / ...
 
Notifications
Clear all

Password breaker / remover

 
General (Technical, Procedural, Software, Hardware etc.)
Last Post by Bulldawg 10 years ago
10 Posts
7 Users
0 Reactions
656 Views
RSS
 Michelle007
(@michelle007)
Active Member
Joined: 10 years ago
Posts: 14
Topic starter 01/04/2015 2:08 pm  

Hello Team,

1. I looking to buy password breaker / remover for MS office 2013 products. kindly suggest.

2. Ours is corporate environment about 1000+ client systems (laptop/desktop) are running. Any idea that we can use the resources (CPU) for password breaking by bruteforce technique?

thanks…


   
Quote
 kelash108
(@kelash108)
Active Member
Joined: 11 years ago
Posts: 18
01/04/2015 3:42 pm  

Hi,

Could this article help perhaps?
http//www.forensicmag.com/product-releases/2012/10/break-office-2013-passwords

)


   
ReplyQuote
 mark_adp
(@mark_adp)
Trusted Member
Joined: 13 years ago
Posts: 63
02/04/2015 11:38 am  

You could utilise http//hashcat.net/oclhashcat/ and the distributed wrapper for this software Hashtopus. This splits the task into multiple "chunks" and hands it out to all your clients, sharing the work load, reducing the time.

Depends on how much access and control you have on your 100 clients.


   
ReplyQuote
 Michelle007
(@michelle007)
Active Member
Joined: 10 years ago
Posts: 14
Topic starter 02/04/2015 1:49 pm  

thanks guys ) … any more suggestion?


   
ReplyQuote
HexDrugsRockNRoll
 HexDrugsRockNRoll
(@hexdrugsrocknroll)
Trusted Member
Joined: 17 years ago
Posts: 60
02/04/2015 2:42 pm  

Take a look at AccessData's PRTK - https://ad-pdf.s3.amazonaws.com/PRTK%207.6%20and%20DNA%207.6%20UG.pdf


   
ReplyQuote
Bulldawg
 Bulldawg
(@bulldawg)
Estimable Member
Joined: 13 years ago
Posts: 190
02/04/2015 9:19 pm  

I prefer Passware. The Forensic version comes with 5 agent licenses, and they also have a Forensic Lab version that comes with 100 agent licenses.

Modern office document open passwords are not easily cracked. You're going to need to distribute this load.

Passware will also work with EnCase and dump the EnCase index into Passware as a custom dictionary, which means if the password was stored on the computer somewhere, cracking can be very quick. I've had limited success with actually finding passwords this way, but it's always worth trying.


   
ReplyQuote
 Michelle007
(@michelle007)
Active Member
Joined: 10 years ago
Posts: 14
Topic starter 03/04/2015 10:10 am  

thanks…) will try your suggestions…


   
ReplyQuote
 Cults14
(@cults14)
Reputable Member
Joined: 17 years ago
Posts: 367
03/04/2015 2:26 pm  

Came across this, I have no experience of it though
http//www.networkworld.com/article/2223249/microsoft-subnet/microsoft-office-2013-s-enhanced-protection-scheme-cracked-ahead-of-official-launch.html

I did some tests a year or so ago on Office 2007 vs Office 2013, running on a single forensic workstation (not hugely powered) I got nowhere on a simple 4-character password. I gave the same challenge to a local vendor who have accelerated hardware, more cores and more RAM than me - and they gave up after 72 hours

So I guess that kinda backs up what everyone else is saying - this is non-trivial and likely

HTH


   
ReplyQuote
jaclaz
 jaclaz
(@jaclaz)
Illustrious Member
Joined: 18 years ago
Posts: 5133
03/04/2015 3:09 pm  

And now it seems just the right time to point to password strength thread
http//www.forensicfocus.com/Forums/viewtopic/t=10675/
and to the XKCD take on the matter
http//www.forensicfocus.com/Forums/viewtopic/p=6567638/#6567638

jaclaz


   
ReplyQuote
Bulldawg
 Bulldawg
(@bulldawg)
Estimable Member
Joined: 13 years ago
Posts: 190
03/04/2015 6:16 pm  

and to the XKCD take on the matter
http//www.forensicfocus.com/Forums/viewtopic/p=6567638/#6567638

A true classic, that one.


   
ReplyQuote
Forum Jump:
  Previous Topic
Next Topic  
Share: