Cracking Microsoft Office Document Passwords for Free using Hashcat

Cracking Microsoft Office Document Passwords

In this article we’ll look at how to crack password-protected Microsoft Office 97, 2003, 2007, 2010, and 2013 files. We’ll learn about a nice Python script called office2john.py, which pulls a hash from the Office document in a format that is used by John the Ripper (another password cracking utility), and how to edit that output so that we can use it with Hashcat. We’ll then learn a few tricks to crack the document with Hashcat.

If you haven’t seen my previous article on cracking with Hashcat, I encourage you to read that article first. It specifically deals with cracking WPA2 keys with Hashcat, but the techniques described in that article regarding phone numbers, wordlists, and modifiers are all relevant here. My previous article that covers creating custom wordlists may be of assistance as well.

Extracting the Password Hash from the Office Document

In order to use Hashcat to attack the hash stored in a Microsoft Office document, we first must extract the hash. There’s a nice little Python script called office2john.py that will help us with this. The official site for the script is located here, but I’ve made a backup of the script here for archival purposes, just in case that site ever goes down.

After you download the script it’s a good idea to put it and the Office document that you’re trying to crack in the same directory for ease of command line use. We’ll be using Kali Linux for this so the files will be located in our home directory (/root), but you can do this on Windows as well.

To use a Python script in Linux, you’ll first have to make it executable.

chmod +x /root/office2john.py

We can then use the script to extract the password hash. For ease of use, remember, the Office document should be in the same directory. We’ll use an example document called Docs.docx for our syntax here. By default, the script outputs the hash to the screen, so we’ll direct standard i/o to a file instead. (Note that if you’re using Windows, you’ll need Python installed. It comes installed with Kali by default.)

./office2john.py Docs.docx > officepassword

We’re almost done. In order for Hashcat to be able to use the file without giving us errors, we must perform a small edit. Open the officepassword file you just created in nano.

nano officepassword

You’ll see something like this inside the file:

Docs.docx:$office$*2013*100000*256*16*17aacdb40c2cffa4a1c6ec2...

You’ll need to remove the filename and colon from the beginning of this line, and save the file. Hashcat wants only the file hash and nothing more. The newly edited line should look like this.

$office$*2013*100000*256*16*17aacdb40c2cffa4a1c6ec2...

Using Hashcat to Crack the Hash

I’m going to take the hash back to my Windows machine to crack, since my Windows machine has a GTX 1070 GPU in it. Cracking passwords with Hashcat using only CPU power is very slow and isn’t recommended, unless you have a very short wordlist of what the password might be. The command for Linux is identical, just remove “64” from the binary name in the command.

hashcat64 -m 9600 -o cracked officepassword rockyou.txt

If we wanted to apply a rule to that, we could reference a path to our rules file with the -r switch.

hashcat64 -m 9600 -o cracked -r rules\best64.rule officepassword rockyou.txt

From here on out, the rules that we learned in our previous Hashcat article still apply. You can use wordlists, apply rules, and more. Remember, attacking hashes takes both skill and luck. Don’t forget about the advantages of creating custom wordlists as well.

The first command above will run our hash against the rockyou.txt wordlist, which we learned about in our previous Hashcat article.

The -m 9600 flag in this command lets Hashcat know that we’re working with an Office 2013 document. Different types of Office documents have different types of hashes, so use this list depending on which version of Office you’re attacking. If you use the wrong switch value, you’ll get an error. Here are a list of the Office types that Hashcat currently supports and their associated -m flags values.

-m 9700 - Office 97-03 (MD5+RC4)
-m 9710 - Office 97-03 (MD5+RC4, collider-mode 1)
-m 9720 - Office 97-03 (MD5+RC4, collider-mode 2)
-m 9800 - Office 97-03 (SHA1+RC4+oldoffice3/4)
-m 9810 - Office 97-03 (SHA1+RC4+collider-mode 1)
-m 9820 - Office 97-03 (SHA1+RC4+collider mode 2)
-m 9400 - Office 2007
-m 9500 - Office 2010
-m 9600 - Office 2013

Hopefully within time you’re successful. If you aren’t, keep trying with new wordlists and new rules.

When the hash is cracked successfully, you should see something like this, and your cracked password should be output in the file cracked, as specified with the -o parameter above.

Notice the status of “Cracked,” and that it took approximately 24.5 minutes to crack.

Conclusion

Remember that cracking is more about luck than skill most of the time. Develop a list of favorite wordlists, get as much information as you can about potentials for the password based on your target or their industry or likes and develop your own custom wordlists for them specifically, use modifiers like best64 against hose wordlists, and keep on crackin.

If you enjoyed this tutorial and would like to see more, please feel free to share this article on social media, comment below letting me know what else you’d like to see, and follow me on Twitter @JROlmstead.