Quick update. Since I was really interested in password security of OpenOffice, Vanessa had not much trouble to talk me into giving it a try. So I compiled an MPI version of john and started it on my i7-2600 4-core 3.4GHz on 7 CPUs, John chose to use the AVX extension (no fancy graphic card - so no NUMA or CUDA)
I had some infos (language + max pw length) from Vanessa. It took a total of 77h of CPU time in incremental mode (no hit in single shot and dictionary mode) to get a 7 character all lower case password with this setup. I was able to send back an unencrypted 433 pages book. No, I'm not that interested - I won't do that a second time. I provided all information needed to do it yourself. Am 06.03.2014 15:02, schrieb Klaus Muth: > Ok. Tried out. You need: > 1. Encrypted OpenDocumentFormat File (i.e. your book) > 2. John The Ripper from http://www.openwall.com/john/, I used > http://www.openwall.com/john/g/john-1.7.9-jumbo-7.tar.bz2 > 3. A Linux System (There is a Windows binary too) > > - Now Download john, then untar it: > tar xvfj john-1.7.9-jumbo-7.tar.bz2 > - compile it > cd john-1.7.9-jumbo-7/src > make clean linux-x86-64-native > - test it > cd ../run > ./john --test > - get password hash: > ./odf2john.py MyImportantCrypted.odt > passwd > - crack password hash > ./john passwd > > In my example it took john 17 seconds to realize that my password was > actually 123456 - which is of course the most commonly used password ever and > so one of the first tested options: > > ./john passwd > Loaded 1 password hash (ODF SHA-1 Blowfish [32/64]) > 123456 (MyImportantCrypted.odt) > guesses: 1 time: 0:00:00:17 DONE (Thu Mar 6 14:43:10 2014) c/s: 1132 > trying: 123456 > > You might need some kind of Computer Nerd and some fast hardware to crack > your ODF Password, but that might be easy to get compared to writing your > book again. > > Using passwords on the only original of a file is generally a bad idea - you > use them to secure a copy you want to send by mail or on a stick. > > > Am 06.03.2014 13:11, schrieb Vanessa Silva: >> Hello, >> >> >> i’ve written a book, took me over 200 hours, saved it with open Office >> writer and made a Password for it. Then i didn’t use the document in a while >> and now i forgot the Password. Please help me, i Need my book back! Can i >> send you the document per E-Mail? can you erase dthe Password? Please, i beg >> you. I Need it! >> >> >> I’ll wait for your answer. >> >> >> Vanessa Silva >> >> >> >> >> >> >> Gesendet von Windows Mail >> > > > Freundliche Grüße > Freundliche Grüße -- Klaus Muth HAGOS eG Industriestr. 62 fon: (+49) 711 78805-7086 EDV-Programmierung 70565 Stuttgart fax: (+49) 711 78805-957035 http://www.hagos.de Germany mailto:[email protected] HAGOS Verbund deutscher Kachelofen- und Luftheizungsbauerbetriebe eG Sitz: Stuttgart Rechtsform: Genossenschaft Registergericht: Stuttgart GnR 77 Vorstände: Guido Eichel, Ralf Tigges Aufsichtsratsvorsitzender: Thomas Müller USt.-ID-Nr.: DE 147799748 ------------------------------------------- List Conduct Guidelines: http://openoffice.apache.org/list-conduct.html To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
