EnScript to export hashes from SearchPak .spak file

A reader contacted me about the possibility of exporting the hashes used by the SearchPak program made by ADFSolutions so they could be imported into EnCase, as he had several hundred thousand hashes in the SearchPak program. I asked for a sample of the file that contains the hash values in the SearchPak application and found they are stored in a XML type text file with a ".spak" extension.

I wrote a quick EnScript that parses the XML type .spak file and then exports all the hashes to a text file in the default export folder of EnCase. You can then use the EnScript I previously wrote here to read hashes from a text file and create a EnCase hash set.

Written for EnCase v6
Download Here