> For the complete documentation index, see [llms.txt](https://strange-1.gitbook.io/notes/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://strange-1.gitbook.io/notes/password-attacks/cracking-files.md).

# Cracking Files

## Protected Files

### Hunting for Encoded Files

**Hunting for Files**

```bash
for ext in $(echo ".xls .xls* .xltx .csv .od* .doc .doc* .pdf .pot .pot* .pp*");do echo -e "\\nFile extension: " $ext; find / -name *$ext 2>/dev/null | grep -v "lib\\|fonts\\|share\\|core" ;done
```

**Hunting for SSH Keys**

```bash
grep -rnw "PRIVATE KEY" /* 2>/dev/null | grep ":1"
```

### **Cracking with John**

```bash
# John Hashing Scripts
locate *2john*

# generating the corresponding hashes for encrypted SSH keys.
ssh2john.py SSH.private > ssh.hash

# Cracking SSH Keys
john --wordlist=rockyou.txt ssh.hash

john ssh.hash --show
```

## **Cracking Documents**

**Cracking Microsoft Office Documents**

```bash
# generating hash
office2john.py Protected.docx > protected-docx.hash

# cracking hash
john --wordlist=rockyou.txt protected-docx.hash
john protected-docx.hash --show
```

**Cracking PDFs**

```bash
# Generating hash
pdf2john.py PDF.pdf > pdf.hash

# Cracking hash
john --wordlist=rockyou.txt pdf.hash
john pdf.hash --show
```

## **Protected Archives**

### Cracking Archives

### **Cracking ZIP**

**Using zip2john**

```bash
zip2john ZIP.zip > zip.hash
```

**Cracking the Hash with John**

```bash
john --wordlist=rockyou.txt zip.hash
```

**Viewing the Cracked Hash**

```bash
john zip.hash --show
```

### **Cracking OpenSSL Encrypted Archives**

**Using file**

```bash
file GZIP.gzip
```

**Using a for-loop to Display Extracted Contents**

```bash
for i in $(cat rockyou.txt);do openssl enc -aes-256-cbc -d -in GZIP.gzip -k $i 2>/dev/null| tar xz;done
```

### **Cracking BitLocker Encrypted Drives**

**Using bitlocker2john**

```bash
bitlocker2john -i Backup.vhd > backup.hashes
grep "bitlocker\\$0" backup.hashes > backup.hash
cat backup.hash
```

**Using hashcat to Crack backup.hash**

```bash
hashcat -m 22100 backup.hash /opt/useful/seclists/Passwords/Leaked-Databases/rockyou.txt -o backup.cracked
```
