Today the International Consortium of Investigative Journalists (ICIJ) released “The Paradise Papers.” These look to be a massive collection of documents related to offshore bank accounts. According to the ICIJ’s disclaimer:
ZDNet Korea reports that the South Korean government is taking a first step to shift from the proprietary Hangul Word Processor (HWP) file format (.hwp) to the Open Document Format (ODF). To understand why this is such a big deal, you first need to understand that HWP is part of the national identity. It is/was a government-sponsored monopoly. Even schoolchildren were reminded that it’s their duty to buy HWP. They must have a valid license(s) (because no other word processor is acceptable). The format is proprietary, and no other word processor can read it. Microsoft released a HWP2DOC converter. Government organizations were forced to use HWP, and businesses were strongly “encouraged.”
CybercrimeTech started as a DFIR notes blog during my Master's at University College Dublin. I wasn’t sure what it would turn into, and thought the name was general. Almost 11 years later, that is no longer the case.
Here are some files to test your password cracking skills. All of them can be done in less than a few hours with CPU-based cracking. You can download the file and practice hash extraction + cracking, or just download the hashes directly.
SSDEEP is a fuzzy hashing tool written by Jesse Kornblum. There is quite a bit of work about similarity hashing and comparisons with other methods. The mainstream tools for digital forensics, however, appear to be ssdeep and sdhash. For example, NIST created hash sets using both tools. I wrote a post about sdhash in 2012 if you want to know a little more about how it works.