For security reasons, our users often ask whether it is possible to start password recovery without uploading the file to the LostMyPass website? We are happy to answer that you have such an opportunity, however, you will need to get the hash of this file yourself on your PC. Obtaining the file hash value may be difficult to understand for an unprepared person and requires some technical skills from the user. If you find it difficult, then look up for a technically competent person who could help you, simplify and speed up the process.
So, here is a step-by-step guide on how to extract a hash from password protected files: MS Office files (Word, Excel, PowerPoint), PDF, Zip and Rar archives.
To extract a hash, you need to have an idea of how to use the command line and install third-party utilities. In most cases, our customers use the MS Windows operating system and therefore may experience some difficulties with these issues. Linux users, as a rule, are more technically savvy and know how to use the command line or terminal, they actively use package managers.
All further instructions are written for Windows users. However, Linux users should not experience problems performing similar actions on their computers. In case of questions, please contact our technical support.
First of all, create a folder to work in. To simplify experience with Command Prompt, the easiest way is to create a folder in the root of your system drive. For example, on drive C: create the Hash folder. Then, copy the protected file to the that folder.
Now you need to figure out how to work with the command prompt. To call the command prompt window on the screen, press the key combination Win + R; a window will appear on your screen, type cmd there and click OK.
You will see a command prompt window. Now go to our working folder, type the following command
Check whether the command is executed correctly and you are in the working folder. To do this, type the dir command. As a result, a list of files that are in this folder should appear on the screen. In your case, you should see the name of your document; if so, then everything is done correctly.
The procedure for obtaining the hash value depends on the type of file and may vary slightly in each individual case. Don't close the command prompt window above, we still need it. But now we have to find and download the appropriate utility to extract the hash from the file.
If you have a MS Office document (Word, Excel, PowerPoint), download the office2john.py script.
Copy the office2john.py file to the C:\Hash folder. We will need this script to extract the hash from the document. We also need a Python interpreter to run the script; you can download and install the Python Installer from the official website. When Python is installed on your computer, open the command prompt window and run the following command (replacing your_file.xlsx with your file name):
python office2john.py your_file.xlsx > hash.txt
If all is done correctly, the hash.txt file will be created in the folder; the obtained hash will be contained in this file.
To extract the hash from the PDF file, we need the pdf2john.pl script.
Copy the pdf2john.pl file to the C:\Hash folder. To run the script, you must have the Perl interpreter installed on the computer. Download and install it from the official website. Then, open the command prompt window and run the following command (replacing your_file.pdf with your file name):
perl pdf2john.pl your_file.pdf > hash.txt
If is’ Ok, the hash.txt file will be created in the folder.
Hashes from Zip and Rar archives are obtained using the zip2john and rar2john utilities, respectively. These utilities are included in the John the Ripper package.
We warn you right away that all the JTR programs are designed for Unix-like systems, but have been ported to Windows. We observed some problems in the operation of the zip2john and rar2john scripts on Windows; sometimes users are not able to get the hash from their files, some files are not processed by scripts. It will be much better to use zip2john and rar2john on Linux. If you do not know how to do this, we recommend that you find a trusted Linux user among your friends and ask him for help.
The following commands extract the hash value from archives. Use them but do not forget to replace the example with the file name of your archive.
Obtaining a hash from Zip file:
zip2john your_file.zip > hash.txt
Obtaining a hash from Rar file:
rar2john your_file.rar > hash.txt
If the whole procedure was performed correctly, the hash.txt file will be created in the folder.
Note that several hashes can be written in the hash.txt file (one for each line), which means that your archive has multiple passwords. This happens when different files in the archive are encrypted with different passwords. We can start the password recovery for each hash separately, but keep in mind that in this case you will be billed for each password recovered.
Email us with hash.txt attached. If the hash is accepted by our program, we will start the password recovery process and send you a link to your order page, where you can monitor the process.
Please note that the orders we launch manually by the hash value are always commercial, even if your password is weak. See the Prices page.
In the case when the customer uploads his file to our website on his own, we can open the source file and send the user a screenshot of the opened document as a proof of the successful recovered password.
If we start the process manually with the obtained hash, then obviously we are not able to provide you with such proof. You will have to pay the bill to get the password and verify it by yourself. Or you can just send us the original file, we will open it and send a screenshot to you.
Please note that we respect copyright and process applications for password recovery and removal only from the owner of this file. Before using the service, you must accept our Terms and Conditions.
Copyright © 2017-2024 LostMyPass.com