[TriLUG] OT: password cracking service for Word docs

Greg Brown gregbrown at mindspring.com
Sat Mar 27 12:59:59 EST 2004 

I just tried a few things with Office 2003 with no success.  First I  
created a document then protected it with two passwords (one for  
reading and one for editing).  I tried the strings approach, but that  
didn't work.  So I tried to pummel the whole document through od, then  
take the output from od, extract anything that matched /^[A-Za-z]+$/  
and print the character stuff to a tmp file (I realize this would  
delete numbers in the passwords, but I was just looking to see if I  
could get partial string matches).  I then tried to extract pieces of  
the password through character searching of the od output file with no  
real luck.  So, whatever M$ is doing it appears they are finally using  
some kind of crypt() like function instead of storing plaintext  
passwords (wow, what a concept).  All that said, it did appear that  
portions of the text in the document were readable using this approach.  
  I have to get to the airport or I'd spend more time on this, but I've  
got to run... er fly.

Greg

On Friday, Mar 26, 2004, at 22:37 US/Eastern, Jon Carnes wrote:

> Hmmm, the password used to be stored in plain text near the end of the
> document - you could grab it with a hex editor or probably even using
> strings.
>
> I do hope that later versions of Word are more advanced than this... I
> mean, it's supposed to be DOD ready!
>
> Jon Carnes
>
> On Fri, 2004-03-26 at 21:17, Chris Knowles wrote:
>> OK, I tried it with word, and it no worky.  OO pops up and says that  
>> it
>> can't open protected documents.  Now, it will work if all they've done
>> is protect against changes, but not if they've protected the entire
>> document.
>>
>> CJK
>>
>> On Fri, 2004-03-26 at 17:05, Jason Tower wrote:
>>> i can't speak for word, but a client recently sent me a XLS file  
>>> that had
>>> passwd-protected cells/columns (they had forgotten the passwd and  
>>> wanted
>>> to know if i could "fix" it).  OO calc had no trouble with it, saved  
>>> it as
>>> a new file and all was right with the world.  i did have to do a
>>> "unprotect sheet" or something like that first, only took a second.
>>>
>>> jason
>>>
>>>> On Fri, 2004-03-26 at 16:39, Dan wrote:
>>>>> --On Friday, March 26, 2004 04:07:41 PM -0500 Jason Tower
>>>>> <jason at cerient.net> wrote:
>>>>>
>>>>>> yeah, it's called openoffice :)
>>>>>
>>>>> 'splain please... will OpenOffice read in the password protected  
>>>>> files?
>>>>> I've not played with OO because, like Office, it seems to be way  
>>>>> bloated
>>>>> to
>>>>> me.
>>>>
>>>> OpenOffice will not read password protected word documents at all.
>>>> Do give it a try for your general office needs, though, it feels a  
>>>> lot
>>>> less bloated in recent versions, like the one included in Fedora  
>>>> Core 1
>>>> or Mandrake 10.
>>>>
>>>> AbiWord will open some types of password-protected Word docs... but  
>>>> it
>>>> will prompt for the password.  It needs this to decrypt.
>>>>
>>>> I believe John Beimler has experience with this; if he doesn't see  
>>>> this
>>>> thread, you may want to ask him on IRC (nick jbeimler).
>>>>
>>>> --Jeremy
>>>>
>>>> --
>>>> /------------------------------------------------------------------- 
>>>> --\
>>>> | Jeremy Portzer        jeremyp at pobox.com      trilug.org/~jeremy    
>>>>   |
>>>> | GPG Fingerprint: 712D 77C7 AB2D 2130 989F  E135 6F9F F7BC CC1A  
>>>> 7B92 |
>>>> \------------------------------------------------------------------- 
>>>> --/
>>>> --
>>>> TriLUG mailing list        :  
>>>> http://www.trilug.org/mailman/listinfo/trilug
>>>> TriLUG Organizational FAQ  : http://trilug.org/faq/
>>>> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>>>> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>>
>> ______________________________________________________________________
>>
>> -- 
>> TriLUG mailing list        :  
>> http://www.trilug.org/mailman/listinfo/trilug
>> TriLUG Organizational FAQ  : http://trilug.org/faq/
>> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>
> -- 
> TriLUG mailing list        :  
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>

More information about the TriLUG mailing list