Password Attacks Lab - Medium

logged onto the machine via smbclient.

got the doc.zip and ran zip2john against, then JTR and got a password.

when i enter the password i get an error - how are you guys opening the document?

hi,
actually this can be easy completed with a bit of research. google decrypt office docs using john. you will learn a lot.

if you still stuck, let me know.

hey, i find in folder Dennis .ssh a id_rsa file. I use it like this:
ssh -i id_rsa root@IP

then it say “Enter passphrase for key ‘id_rsa’:” … what does this mean? i also generate a own key (see dennis bash history), but it doesn work too. If im on the right way, could you give me pls a hint?

after you get the id_rsa from dennis - run the john script to get the passphrase for it.

it was mentioned in the module - ssh2john

install openoffice-writer and use it to be able to unlock and view the file (once you got the password for the document)!

Hey mate, I’m stuck in the same situation as you. I’ve been stuck on it for almost the whole day. Could you please share some tips for this? I would greatly appreciate it. Thanks in advance

Hi, how did you manage to solve the problem for this encrypted file here what I have so far
user admin with smb then Doc.zip
Documentation.docx: CDFV2 Encrypted

I have two passwords after cracking however still can’t access this document
1- password for the zip
2- password for the documentation.docx
I used john but the pwnbox gives me archive is not supported

edit here’s a screenshot
image

when i try to get the id_rsa file from dennis i get permission denied that is because i am not dennis . how did you manage to get the id_rsa file of dennis ?

Hi! If it is still relevant for someone:

office2john Documentation.docx > documentation.hash

Then you also brute force the password.

1 Like

First you need to decrypt id_rsa, everything is like in the manual
and only then use id_rsa to connect with root rights

ssh2john id_rsa > id_rsa.hash
john --wordlist=mut_password id_rsa.hash