After a lot of investment researching and building scripts to crack an old Word file whose password I had lost, I finally found the final guide for it:
$ python3 office2hashcat.py wordfile.doc > hashcat.txt
$ hashcat -m 9700 -a 3 hashcat.txt -i "?a?a?a?a?a?a"
Thanks to atom, this was not a hard task. Everything is explained step-by-step here: https://hashcat.net/forum/thread-3665.html

MS Word uses RC4 + MD5 for modes $0 and $1, and RC4 + SHA1 for modes $3 and $4. RC4 is the algorithm used for encryption; MD5 and SHA1 are the hash functions. So you will always use RC4, together with either MD5 or SHA1.

Where do you find this $0, $1, $3 or $4? It is the first part of the hash extracted with office2hashcat.py (https://github.com/stricture/hashstack-s...hashcat.py). Example of an extracted hash (from https://hashcat.net/forum/thread-3665.html):

$oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6f09fd2eafc4ade522b5f2bee0eaf66d

As you can see, right after the word oldoffice we have $1, so this hash uses RC4 + MD5.
The extracted hash has these fields, separated by asterisks:
- Kind of encryption scheme used ($1, $2, $3, $4)
- Salt => what is between the 1st and 2nd asterisk => d6aabb63363188b9b73a88efb9c9152e
- EncryptedVerifier => what is between the 2nd and 3rd asterisk => afbbb9254764273f8f4fad9a5d82981f
- EncryptedVerifierHash => what comes after the 3rd asterisk => 6f09fd2eafc4ade522b5f2bee0eaf66d
After understanding how to do it manually, let's do it with hashcat. First create a file and save this inside it:

$oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6f09fd2eafc4ade522b5f2bee0eaf66d

Now let's look at the hashcat modes you can use:
- -m 9700 = find a password
- -m 9710 = crack the RC4 key
- -m 9720 = collide the RC4 key with a candidate password
So, we can take this path:

hashcat -m 9700 -a 3 <file.hash> -i ?a?a?a?a?a?a => tries to find a valid password to open the file. This mode does the same thing as mode -m 9710 followed by -m 9720.

hashcat -m 9710 -a 3 <file.hash> --hex-charset ?b?b?b?b?b => recovers the RC4 key only, not the password (?b covers every byte value 0x00-0xff, so five of them enumerate the whole 40-bit RC4 key space).

hashcat -m 9720 -a 3 <file.rc4> -i ?a?a?a?a?a?a => tries to find a password that produces the recovered RC4 key.
Inside <file.hash>:

$oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6f09fd2eafc4ade522b5f2bee0eaf66d

Inside <file.rc4> (the same hash, with the recovered RC4 key appended after a colon):

$oldoffice$1*d6aabb63363188b9b73a88efb9c9152e*afbbb9254764273f8f4fad9a5d82981f*6f09fd2eafc4ade522b5f2bee0eaf66d:f2ab1219ae
You do not have to use all 3 modes: use either -m 9700 on its own, or -m 9710 followed by -m 9720.
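The two file formats above (the <file.hash> line with its three asterisk-separated fields, and the <file.rc4> line with the recovered key appended after a colon) are easy to get wrong by hand, especially since copy-pasting from a forum tends to eat the asterisks. The following parser is an added example, not code from the original post, from hashcat or from office2hashcat.py. It splits a line into the fields listed above, maps the scheme digit to the hash function the post describes ($0/$1 MD5, $3/$4 SHA1), checks that every field has the length it must have (16-byte salt and verifier, a full digest for the verifier hash, a 5-byte RC4 key), and reports the base hashcat mode for the scheme (9700 for the MD5 schemes; 9800 for the SHA1 schemes is an assumption taken from hashcat's mode list, not from the post). The sample lines are the ones quoted on the page.

```python
"""Parser for hashcat $oldoffice$ hash lines (MS Office <= 2003, RC4).

Added example, not code from the original post or from hashcat/office2hashcat.py.
Layout as described in the post:
    $oldoffice$<scheme>*<salt>*<EncryptedVerifier>*<EncryptedVerifierHash>
optionally followed by ':<rc4key>' (the <file.rc4> form, key recovered by -m 9710).
"""
from dataclasses import dataclass
from typing import Optional

# Scheme digit -> hash function, as listed in the post ($0/$1 MD5, $3/$4 SHA1).
SCHEME_HASH = {0: "MD5", 1: "MD5", 3: "SHA1", 4: "SHA1"}
# Digest sizes in bytes; EncryptedVerifierHash is one full digest of the verifier.
DIGEST_LEN = {"MD5": 16, "SHA1": 20}
SALT_LEN = 16        # bytes
VERIFIER_LEN = 16    # bytes
RC4_KEY_LEN = 5      # bytes: the 40-bit key that --hex-charset ?b?b?b?b?b enumerates


@dataclass(frozen=True)
class OldOfficeHash:
    scheme: int
    hash_algo: str
    salt: bytes
    encrypted_verifier: bytes
    encrypted_verifier_hash: bytes
    rc4_key: Optional[bytes] = None  # only present in the <file.rc4> form

    @property
    def hashcat_mode(self) -> int:
        """Base hashcat mode: 9700 for MD5 schemes (from the post);
        9800 for SHA1 schemes is assumed from hashcat's mode list."""
        return 9700 if self.hash_algo == "MD5" else 9800


def _hex_field(name: str, text: str, expected_len: int) -> bytes:
    """Decode one hex field and insist on its exact byte length."""
    try:
        raw = bytes.fromhex(text)
    except ValueError as exc:
        raise ValueError(f"{name}: not valid hex: {text!r}") from exc
    if len(raw) != expected_len:
        raise ValueError(f"{name}: expected {expected_len} bytes, got {len(raw)}")
    return raw


def parse_oldoffice(line: str) -> OldOfficeHash:
    """Parse one $oldoffice$ line; raises ValueError on any malformed field."""
    line = line.strip()
    prefix = "$oldoffice$"
    if not line.startswith(prefix):
        raise ValueError("not an $oldoffice$ hash line")
    body = line[len(prefix):]

    # <file.rc4> lines carry ':<rc4key>' after the hash proper.
    rc4_key = None
    if ":" in body:
        body, key_hex = body.split(":", 1)
        rc4_key = _hex_field("rc4_key", key_hex, RC4_KEY_LEN)

    parts = body.split("*")
    if len(parts) != 4:
        # A pasted hash that lost its asterisks lands here, not in a silent mis-parse.
        raise ValueError(f"expected 4 '*'-separated fields, got {len(parts)}")
    scheme_txt, salt_hex, verifier_hex, vhash_hex = parts
    if not scheme_txt.isdigit() or int(scheme_txt) not in SCHEME_HASH:
        raise ValueError(f"unknown scheme {scheme_txt!r}; known: {sorted(SCHEME_HASH)}")
    scheme = int(scheme_txt)
    algo = SCHEME_HASH[scheme]
    return OldOfficeHash(
        scheme=scheme,
        hash_algo=algo,
        salt=_hex_field("salt", salt_hex, SALT_LEN),
        encrypted_verifier=_hex_field("EncryptedVerifier", verifier_hex, VERIFIER_LEN),
        encrypted_verifier_hash=_hex_field("EncryptedVerifierHash", vhash_hex, DIGEST_LEN[algo]),
        rc4_key=rc4_key,
    )


def describe(h: OldOfficeHash) -> str:
    """Human-readable summary of a parsed line."""
    lines = [
        f"scheme $${h.scheme}: RC4 + {h.hash_algo} (hashcat -m {h.hashcat_mode})",
        f"  salt                  = {h.salt.hex()}",
        f"  EncryptedVerifier     = {h.encrypted_verifier.hex()}",
        f"  EncryptedVerifierHash = {h.encrypted_verifier_hash.hex()}",
    ]
    if h.rc4_key is not None:
        lines.append(f"  RC4 key (40-bit)      = {h.rc4_key.hex()}")
    return "\n".join(lines)


# Sample lines quoted on the page (hashcat forum example); the .rc4 form adds the key.
HASH_LINE = ("$oldoffice$1*d6aabb63363188b9b73a88efb9c9152e"
             "*afbbb9254764273f8f4fad9a5d82981f*6f09fd2eafc4ade522b5f2bee0eaf66d")
RC4_LINE = HASH_LINE + ":f2ab1219ae"

if __name__ == "__main__":
    for sample in (HASH_LINE, RC4_LINE):
        print(describe(parse_oldoffice(sample)))
```

Run it on a <file.hash> or <file.rc4> line before feeding hashcat: a line that lost its asterisks fails with "expected 4 fields", and a verifier hash of the wrong length for the scheme fails the digest-length check instead of producing a cracking run that can never succeed.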
It took me 1 day and 1 hour to find a candidate password. That's awesome! Now I have my content written in 2008 back to life :)