Current student at University of Washington Forensics class. We are working on our first test image examination. Have recovered several word docs (97-2000) password protected. Have guessed passwords on all but one. Need a open source password cracker. We have x-ways with a dongle to use, also using prodiscover basic to verify any findings. PRTK eval dosn't help.
Thanks for any direction.
There's some trial software you can also try. Google should turn up some without too much trouble. Remember that most instructors will not give students passwords created from random characters and a length of 14. Part of what your instructor is forcing you to do is learning to do the research on the Internet.
http//
elcomsoft opensource? unfortunately not )
brewski, You "guessed them" ? what did you base your guesses on?
There seems a distinct lack of OSS crackers for Microsoft Office ware, and i've put in a good few hours searching. You might try using OSS or hexeditor to view them, and see if the docs are encrypted or just locked.
The lecturer may be giving a lesson in "you can guess so many, more would need programs/ heavy duty computing / etc" .
Agreeing with ddow, do some research. it's probably what the lecturer is looking for. If you can't crack it, given the tools you have, what you tried, inc reasoning, and a possible solution.
As a hint, maybe check the differences between simple guesses, dictionary attack, bruteforce and rainbow tables. Further brownie points may come from explaining in which order of preference you would try each technique, why and how you chose/created your "dictionary" ie the wordlist, and in what circumstances a rainbow table attack may be useful or what it's advantages are.
hth
Kern
All the password protected documents in the exercise were eventually guessed. As an exercise the passwords were not very strong and all were related to content in other materials in the image being examined.
darn lecturers, they should make u work harder )
Well done tho, your digging obviously paid off.
Kern
