lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <42D53139.6050506@operamail.com>
Date: Wed, 13 Jul 2005 17:20:25 +0200
From: Johan De Meersman <jdm@...ramail.com>
To: Christian King <cking@...curi.com>
Cc: Dave.Collins@...ratech.com, bugtraq@...urityfocus.com
Subject: Re: Microsoft Word Protection Bypass


Actually, just remove the entire tag in step 3, and open the xml file in
word again - You don't even lose formatting as far as I see :-)

Christian King wrote:

>Quick HOWTO:
>
>1.  Open the protected document in Word
>2.  File / Save As (XML Document)
>3.  Open XML Document, look for <w:documentProtection w:edit="read-only"
>w:enforcement="on" w:unprotectPassword="xxxxxxx"/>  The
>"unprotectPassword" will be a hex byte string.
>4.  Open the .doc in your favorite hex editor, and search for the hex
>string in the reverse order, i.e. if the unprotectPassword says "1F C6
>CB EB" you would be searching for "EB CB C6 1F" .. when you find this
>string simply zero them out and save the document (I suggest saving as a
>copy obviously).   Once you open the document again you should be able
>to just click "Tools / Unprotect Document" and it will not even prompt
>for a password.
>
>-Chris
>
>-----Original Message-----
>From: Dave.Collins@...ratech.com [mailto:Dave.Collins@...ratech.com] 
>Sent: Wednesday, July 06, 2005 4:11 PM
>To: bugtraq@...urityfocus.com
>Subject: Re: Microsoft Word Protection Bypass
>
>Where can I find the "how to" to get around the password protection?  I
>have a form that I need to modify, but whoever created it is no longer
>with the company and as a result, the password is "gone"
>
>Many Thanks
>
>
>  
>


-- 
When you're in command, command.
		-- Admiral Nimitz
-- 

Public GPG key at blackhole.pca.dfn.de

GCS/IT d- s:+ a- C(+++)$ UL++++$ P+++(++++)$ L++(+++)$ !E- W+(+++)$
N+(++) o K w$ !O !M V PS(++)@ PE-(++)@ Y+ PGP++(+++) t(+) 5 X R tv--
b++(++++) DI++(++++) D++ G e++>+++++ h(+) r y+**


Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ