Once the attacker has access to storage media like hard disks, USB drives and cloud storage, the files stored on that media become accessible to him. In order to put one more layer of defense in such cases, the sensitive files are encrypted. In most cases, a password known to the legitimate user/owner is used to derive a long key and this key is then used to encrypt the file. However, if the password used to protect the file is weak, it becomes susceptible to dictionary and mask/pattern-based attacks. In this section, different types of encrypted files are provided along with tools, Hashcat and John The Ripper (JTR). The user has to recover the passwords for these files.


What will you learn?


  • Recovering passwords for different types of encrypted files using Hashcat and John The Ripper.


References:


  1. Hashcat (https://hashcat.net/hashcat/)

  2. John The Ripper (https://www.openwall.com/john/


Labs Covered:


Crack the password for an encrypted RAR archive by launching a dictionary attack using Hashcat or John The Ripper.


Crack the password for an encrypted PKZIP archive by launching a dictionary attack using John The Ripper. 


Crack the password for an encrypted 7z archive by launching a mask-based brute-force attack using Hashcat or John The Ripper.


Use an open-source 3rd party python tool to convert the known_host entry into Hashcat compatible format and then recover the IP address stored in it using Hashcat.


Crack the password for an encrypted MS Word .docx file by launching a dictionary attack using Hashcat or John The Ripper.


Crack the password for an encrypted MS Word .doc file by launching a dictionary attack using Hashcat or John The Ripper.


Crack the password for an encrypted PDF file by launching a dictionary attack using Hashcat or John The Ripper.


Crack the password for an encrypted PDF file by launching a dictionary attack using Hashcat or John The Ripper.


User Avatar

Cracking RAR Archives

User Avatar

Cracking PKZIP Archives

User Avatar

Cracking 7z Archives

User Avatar

Cracking SSH known_hosts File

User Avatar

Cracking MS Word .docx

User Avatar

Cracking MS Word .doc

User Avatar

Cracking PDF (PDF 1.1-1.3)

User Avatar

Cracking PDF (PDF 1.4-1.6)

User Avatar

Cracking Private Key Passphrase