Advanced Office Password Breaker (AOPB)

Advanced Office Password Breaker, or AOPB for short, is a program to decrypt Microsoft® Word® and Excel® 97/2000 files that have file open protection set, as well as Word® and Excel® XP/2003 files with default (Office 97/2000 compatible) encryption – guaranteed, regardless of the password length and complexity. This is done by trying all possible encryption keys (instead of brute-force and dictionary attacks) and takes only about ten days on a single Pentium 4 PC (or just three to four days on faster dual-CPU systems).

Requirements:
· Windows® 98, Windows® ME, Windows® NT 4.0, Windows® 2000, Windows® XP or Windows® Server 2003
· about 800 kilobytes of free space on hard disk

Note: to use Professional or Enterprise Edition of AOPB on a system with two or more CPUs, you should have Windows® NT, Windows® 2000, Windows® XP or Windows® Server 2003.

Microsoft Word® and Microsoft Excel® support three levels of document/workbook protection. The user who creates a document or workbook has read/write permission to a document and controls the protection level. The three levels of document protection are:

· File open protection. Word®/Excel® requires the user to enter a password to open a document.
· File modify protection. Word®/Excel® requires the user to enter a password to open the document with read/write permission. If the user clicks Read Only at the prompt, Word®/Excel® opens the document as read-only.
· Read-only recommended protection. Word® prompts the user to open the document as read-only. If the user clicks No at the prompt, Word®/Excel® opens the document with read/write permission, unless the document has other password protection.

In addition to protecting an entire Word® document, you can also protect specific elements (tracked changes, comments and forms) from unauthorized changes. For Excel®, you can protect a worksheet and the contents of locked cells, the structure of a workbook, windows in a workbook and cells or formulas on a worksheet, or items on a chart sheet. Finally, you can prevent users from viewing code by locking the VBA project.

All protections except File open protection are not secure at all – the password can be either recovered or removed (changed) instantly – and they are not supported by AOPB at all.

If File open protection is used, Word® and Excel® encrypt password-protected documents with the symmetric encryption routine known as RC4. In old versions of Microsoft Office (prior to Office 97 – i.e. Office 95, Office 6.0 etc.), however, the implementation was weak and allowed the password to be extracted (decrypted) as well; such files are also not supported by AOPB.

For Word® and Excel® 97/2000 files (and also Word®/Excel® XP/2003, if Office 97/2000 Compatible Encryption is used), File open protection is good enough; at least, the password cannot be recovered instantly, and until now the only methods to break it were brute-force and dictionary attacks. However, these methods fail if the password is long enough and well selected (i.e. cannot be found in a common dictionary) – it would take years to recover it. This is the only type of protection AOPB supports, using a new method: searching for the encryption key instead of the password.

AOPB does not work with a Word® or Excel® file if:

· The file does not use File open protection at all, but only File modify protection, or document/workbook protection, or VBA password.
· The file has been created in Office 95 (or older).
· The file has been created in Office XP, but uses any encryption other than the Office 97/2000 Compatible one.
· The file has been created on a machine where the user's locale in Regional Settings in Control Panel is set to French (Standard). This is because strong encryption such as RC4 is banned in France, and Office 97/2000/XP can use only old/weak encryption there.

In these cases, you should use Advanced Office Password Recovery instead of AOPB (it supports all the types listed above, but doesn't provide a 100% recovery rate for File open protection with brute-force and dictionary attacks). AOPB works only with Word®/Excel® 97/2000 files (and Word®/Excel® XP/2003 files if the default, Office 97/2000 Compatible Encryption is used) that are encrypted with a password for opening.

As noted above, Word®/Excel® 97/2000 (and Word®/Excel® XP in Office 97/2000 Compatible mode, which is the default) encrypt files using the RC4 encryption routine if File open protection is used. The simplest way to break the password is to run brute-force and dictionary attacks; however, these methods work well only on short and simple passwords. If, for example, the password is 10 characters long and contains small letters, capital letters and digits, you will obviously not find it in any dictionary; and for a brute-force attack, the appropriate software will have to try the following number of possible passwords:

(26 + 26 + 10) ^ 10 = 839,299,365,868,340,224

Even assuming that modern PCs with 4 processors can test as many as about a million passwords per second, it will still take more than 26614 years to test them all. Well, only 13307 years on average, but still too much.

This program, AOPB, does not recover the password at all. Because of U.S. crypto export regulations, the key length in the RC4 algorithm used for encrypting the document is only 40 bits, and that means that the total number of possible encryption keys is:

2 ^ 40 = 1,099,511,627,776

So instead of testing all possible passwords, AOPB tests all possible encryption keys. Once the key is found, it decrypts the document, so the password is no longer required to open it. Decryption is still not instant, but recovery time is very reasonable (usually, a few days). Moreover, this method provides a 100% success rate regardless of the password length. For example, if the speed is one million passwords per second (as for Athlon XP 1800+), the program will work about 305 hours or about 13 days – and this is the maximum.

If you have the Start the attack immediately after selecting document option enabled (see Options), this is all you have to do – the attack will be started with default parameters (sufficient for most cases), and you just wait until the key is found (depending on the speed of your CPU, it may take from a few days up to two weeks).

Please note that you can interrupt the attack at any time simply by pressing the Stop button. During the attack, the program saves (on a regular basis) intermediate information into the status file (with bsf extension). You can also save this file yourself at any point (using the Save button on the toolbar), or open a previously saved file using the Open button (instead of opening a Word® or Excel® file here).

If the Start the attack immediately after selecting document option is not checked, the parameters will also be set to default values, but you can change them prior to starting the attack. First, you can select an appropriate range. The whole key range (1,099,511,627,776 as defined above) is divided into 65,536 blocks, with 16,777,216 keys in every block. So the Start from and End at fields may contain values from 0 to 65535; if you're just starting the attack, select the minimum and maximum, accordingly. At the right of these fields, there are small buttons that allow selecting the whole range, or the first/second half, or one third – this may help if you split the task across two or three computers. Next, you can select an alternate name for the autosave file (with bsf extension).

Now press the Start button on the toolbar, and the program will work until it finds the encryption key or you press the Stop button (you can do that at any time; the Start from field will be automatically set to the number of the current block). During the attack, the program shows some statistics – current block, average speed (in keys per second), elapsed time and estimated time.
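The keyspace figures and block ranges described above can be checked with a short script. This is an added example, not part of AOPB or its documentation; the function names are hypothetical, and the constants are the ones stated on this page. It also generalizes slightly by computing, for a given alphabet, the password length beyond which extra characters add nothing against a 40-bit key search.

```python
# Added example: keyspace arithmetic for 40-bit RC4 as described on this page.
# Function names are hypothetical; constants are taken from the text above.
KEY_BITS = 40
BLOCKS = 65_536               # number of blocks stated on the page
KEYS_PER_BLOCK = 16_777_216   # keys per block stated on the page
TOTAL_KEYS = 2 ** KEY_BITS


def password_space(alphabet_size, length):
    """Number of candidate passwords of exactly `length` characters."""
    return alphabet_size ** length


def crossover_length(alphabet_size, key_space=TOTAL_KEYS):
    """Shortest password length whose search space exceeds the key space.

    From this length on, a longer password adds no protection, because
    searching the 40-bit key space is cheaper than guessing the password.
    """
    length = 1
    while password_space(alphabet_size, length) <= key_space:
        length += 1
    return length


def split_blocks(machines, first=0, last=BLOCKS - 1):
    """Split an inclusive block range into contiguous (start, end) ranges."""
    base, extra = divmod(last - first + 1, machines)
    ranges, start = [], first
    for i in range(machines):
        size = base + (1 if i < extra else 0)
        if size:
            ranges.append((start, start + size - 1))
            start += size
    return ranges


def worst_case_hours(block_range, keys_per_second):
    """Hours needed to test every key in an inclusive block range."""
    start, end = block_range
    return (end - start + 1) * KEYS_PER_BLOCK / keys_per_second / 3600


if __name__ == "__main__":
    print("62-char alphabet crossover length:", crossover_length(62))
    for rng in split_blocks(3):
        print(rng, round(worst_case_hours(rng, 1_000_000), 1), "hours")
```
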

Here we have the total number of keys tested, elapsed time, average speed in keys per second, and (most important) the encryption key itself. You can press the Save button so that a text file with all that information is created:

Advanced Office Password Breaker statistics:
Encrypted document: C:\My Documents\report.doc
Total keys: 85 095 424
Total time: 33s
Average speed: 2 515 532
Encryption key: [ SH8ZKA8Q2W38F ]

Or just press the Decrypt button to save the decrypted (Word® or Excel®) file (you will be prompted for a file name). That file will not have File Open protection at all, i.e. Word®/Excel® will open it without any problems.

Note: if AOPB has already found the encryption key for a particular file but you try to start the attack once again (with any settings) on the same computer, you will be informed about that, and the program will ask whether you would like to decrypt the file immediately (if yes, the same window as mentioned above will be shown), or start the attack once again anyway (though there should not be any reason for doing that, except for testing purposes). This is because AOPB remembers all the keys it has found by storing them in the Windows Registry on your computer. So if you have successfully completed an attack using the trial version of AOPB but have not decrypted the file due to trial version limitations, you will be able to do that just after purchasing the full version and receiving the registration code.

Please also note that if you have two or more documents protected with the same password, their encryption keys are different anyway, because they depend on document-specific information. That means that once the key is found, it can be used for decrypting this particular document only.

Use code optimized for (Non-MMX processors / Intel PII/PIII/Celeron / AMD Athlon / Intel P4 SSE2): forces AOPB to use the code specially optimized for the given CPUs. The program detects your CPU and tries to select the proper code automatically, but you may want to play with that option if you've got any other CPU: press the Detect button at the right of this option to get an accurate benchmark.

Use XX CPU(s): if you have more than one CPU installed in your system (Pentium Xeon or Athlon MP), AOPB (registered Professional or Enterprise edition only, see Registration for details) can use them all – simply select the appropriate number of CPUs from the combo box. Please note, however, that if you have Pentium 4 processor(s) with HyperThreading (HT) technology enabled, it is recommended to select the number of "physical", not "virtual" CPUs. For example, if there are two Pentium 4 Xeon processors on the motherboard, and HT is enabled in BIOS (so your operating system can see four processors), AOPB will work slower if you select 4 CPUs in this option; instead, select only 2 CPUs. Please also see the note for the next option.

Use affinity mask: check this option if your system has CPUs with HT support, such as Pentium 4 3,04 GHz and above, or Pentium 4 Xeon. Otherwise, the AOPB speed will be lower than expected. This option does not affect the program performance if your processor(s) do not support HyperThreading.

Priority (Idle / Normal / High): if you want to start AOPB as a "background" process, which will work only when the CPU is in an idle state, you may select Idle. If you want to increase performance, select Normal, but be aware that this will decrease the performance of all other applications running on your computer. If you select High, the program will try to use as many resources as possible (not recommended).

Auto-save every XX min: the program periodically saves all information displayed in the status window into the bsf-file (the path to that file is selected on the main program screen) according to the interval selected.

Update state every XX ms: sets the interval (in milliseconds) between status window updates, which show the current block number, recovery speed, elapsed time and estimated time. The default is 2000 (a reasonable value). By selecting a higher value (5000, for example), you can get slightly better recovery speed.

Minimize to tray: if this option is enabled, the program window will disappear from the Windows desktop when you press the "minimize" button in the top-right corner of the window (or you select an appropriate item in the system menu). The small icon will be created in the "tray" area of the task bar (near the system clock). Just double-click on that icon to restore the window.

Start the attack immediately after selecting document: if enabled, AOPB will start searching for the document encryption key right after opening the document (if supported). Otherwise, you will have to press the Start button yourself (probably after selecting the key range, changing options etc.).

Register: press this button to register your copy of AOPB (if you've got the registration code already, of course). If you've already registered AOPB, this button appears as Upgrade, allowing you to register the program using another code – for example, to move from Standard to Professional Edition. See Registration for details.

Check for updates: the program connects to the AOPB web site to get information about the latest version of the program available for downloading.

You can execute the program with command line parameters, like:

aopb.exe [options]

Where the options are:

/minimize OR /m
Minimize the program after starting the attack

/dontstart OR /ds
Don't start the attack, just load/set the parameters from filename

The only mandatory parameter is filename. This is the name of the bsf-file that stores the name of the attacked Word® or Excel® file, the starting block, and the block to end at. To create such a file, just open the Word®/Excel® file in AOPB, select the block range, and press the Save button on the toolbar (without starting the attack); look at Searching for encryption key for details. Or, if you already had the attack running for some time, you can use the auto-save file.


Home page URL : http://www.elcomsoft.com/aopb.html
