Lab: Cracking a Password-Protected DOCX File with John the Ripper
In this lab, we will:
1. Create a password-protected DOCX file in Linux.
2. Extract the hash from the DOCX file.
3. Crack the password using John the Ripper.
Step 1: Install Required Tools
First, ensure you have the necessary tools installed:
sudo apt update
sudo apt install libreoffice john -y
(We use libreoffice to create a DOCX file and john for cracking.)
Step 2: Create a Password-Protected DOCX File
Method 1: Using LibreOffice
1. Open LibreOffice Writer:
libreoffice --writer
2. Type some sample text (e.g., "This is a test DOCX file for John the Ripper lab").
3. Click File → Save As.
4. Choose Microsoft Word 2007-365 (.docx) format.
5. Check "Save with password" and set a password (e.g., secret123).
6. Save the file as protected.docx.
Method 2: Using Command Line (Headless)
If you don’t want a GUI, use:
echo "This is a test DOCX file." > test.txt
libreoffice --convert-to docx --encrypt --password "secret123" test.txt
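This will generate test.docx with password protection. The remaining steps refer to protected.docx, so either rename the file to protected.docx or substitute test.docx in the commands that follow.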
Step 3: Extract the Hash from the DOCX File
John the Ripper cannot directly crack DOCX files; we must first extract the hash.
Install office2john (Extraction Tool)
wget https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/office2john.py
python3 office2john.py protected.docx > docx_hash.txt
This will create a file docx_hash.txt containing the DOCX hash.
View the Extracted Hash
cat docx_hash.txt
Example output:
protected.docx:$office$*2013*100000*256*16*...*salt*hashed_data
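Added example (not part of the original lab, office2john, or John the Ripper): a Python sketch that parses a line of office2john output and reports the key-derivation parameters recorded in it, which is useful for checking how a document was actually protected. The field meanings (version, iteration count, key bits, salt length, salt) are assumed from the example line above; parse_office_hash, audit and the sample lines are hypothetical names and constructed data.

```python
from dataclasses import dataclass

# Field layout assumed from the example line in this lab:
# <file>:$office$*<version>*<iterations>*<key bits>*<salt bytes>*<salt hex>*<verifier data>
MARKER = ":$office$*"

@dataclass
class OfficeHash:
    filename: str
    version: int
    iterations: int
    key_bits: int
    salt: bytes

def parse_office_hash(line: str) -> OfficeHash:
    """Parse one line of office2john output; raise ValueError if malformed."""
    filename, sep, body = line.strip().partition(MARKER)
    parts = body.split("*")
    if not sep or len(parts) < 6:
        raise ValueError("not an office2john line")
    version, iterations, key_bits, salt_len = (int(p) for p in parts[:4])
    salt = bytes.fromhex(parts[4])  # ValueError on non-hex input
    if len(salt) != salt_len:
        raise ValueError(f"salt is {len(salt)} bytes, header says {salt_len}")
    return OfficeHash(filename, version, iterations, key_bits, salt)

def audit(h: OfficeHash, min_iterations: int = 100_000, min_key_bits: int = 256) -> list[str]:
    """Return findings; the default thresholds are the values in the lab's example line."""
    # Assumption: 2010 lines share the 2013 layout; other versions are not interpreted.
    if h.version not in (2010, 2013):
        return [f"version {h.version}: layout not covered by this sketch"]
    findings = []
    if h.iterations < min_iterations:
        findings.append(f"iteration count {h.iterations} < {min_iterations}")
    if h.key_bits < min_key_bits:
        findings.append(f"key size {h.key_bits} bits < {min_key_bits}")
    return findings

# Constructed sample lines (not real document hashes).
TAIL = "*" + "ab" * 16 + "*" + "cd" * 16 + "*" + "ef" * 32
SAMPLE_OK = "protected.docx:$office$*2013*100000*256*16" + TAIL
SAMPLE_WEAK = "old.docx:$office$*2010*1000*128*16" + TAIL

if __name__ == "__main__":
    for line in (SAMPLE_OK, SAMPLE_WEAK):
        h = parse_office_hash(line)
        print(h.filename, h.version, h.iterations, h.key_bits, audit(h) or "no findings")
```

Clean parameters only raise the cost of each guess; they do not make a dictionary password such as secret123 safe.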
Step 4: Crack the Hash with John the Ripper
Now, we will crack the extracted hash.
Run John the Ripper
john --format=office docx_hash.txt
• --format=office tells John to use the correct hash format.
• By default, John uses a wordlist (/usr/share/john/password.lst).
Use a Custom Wordlist (Optional)
If you have a custom wordlist (e.g., rockyou.txt), use:
john --wordlist=/usr/share/wordlists/rockyou.txt --format=office docx_hash.txt
Show the Cracked Password
Once cracking is done, view the result:
john --show docx_hash.txt
Example output:
protected.docx:secret123
Step 5: Verify the Password
Open the DOCX file with the cracked password (secret123) to confirm:
libreoffice --view protected.docx
(Enter the password when prompted.)
Summary of Commands
Step                Command
Install Tools       sudo apt install libreoffice john -y
Create DOCX (GUI)   libreoffice --writer (Save with password)
Create DOCX (CLI)   libreoffice --convert-to docx --encrypt --password "secret123" test.txt
Extract Hash        python3 office2john.py protected.docx > docx_hash.txt
Crack Hash          john --format=office docx_hash.txt
Show Password       john --show docx_hash.txt
Conclusion
You have successfully:
1. Created a password-protected DOCX file.
2. Extracted its hash using office2john.
3. Cracked the password using John the Ripper.
This lab demonstrates how weak passwords can be cracked using hash extraction and brute-force/dictionary attacks. Always use strong passwords!