In Office 2013 apps, you can access Microsoft 365 content in SharePoint Online by providing your Microsoft 365 user ID and password. If you have multiple Microsoft 365 user IDs from different organizations, you can access content from the SharePoint Online deployments of each organization.
Microsoft Office files can be password-protected in order to prevent tampering and ensure data integrity. But password-protected documents from earlier versions of Office are susceptible to having their hashes extracted with a simple program called office2john. Those extracted hashes can then be cracked using John the Ripper and Hashcat.
microsoft office 2013 crack mac password
Extracting the hash from a password-protected Microsoft Office file takes only a few seconds with the office2john tool. While the encryption standard across different Office products fluctuated throughout the years, none of them can stand up to office2john's hash-stealing abilities.
This tool is written in Python and can be run right from the terminal. As for Office compatibility, it's known to work on any password-protected file from Word, Excel, PowerPoint, OneNote, Project, Access, and Outlook that was created using Office 97, Office 2000, Office XP, Office 2003, Office 2007, Office 2010, and Office 2013, including the Office for Mac versions. It may not work on newer versions of Office, though, we saved a DOCX in Office 2016 that was labeled as Office 2013.
Next, we need an appropriate file to test this on. I am using a simple DOCX file named "dummy.docx" that I created and password-protected with Word 2007. Download it to follow along. The password is "password123" as you'll find out. You can also download documents made with Word 2010 and Word 2016 (that shows up as 2013) to use for more examples. Passwords for those are also "password123."
John will start cracking, and depending on the password complexity, will finish when a match is found. Press almost any key to view the current status. When the hash is cracked, a message will be displayed on-screen with the document's password: Since our password was pretty simple, it only took seconds to crack it.
When it comes to password cracking of any kind, the best defense technique is to use password best practices. This means using unique passwords that are long and not easily guessable. It helps to utilize a combination of upper and lowercase letters, numbers, and symbols, although recent research has shown that simply using long phrases with high entropy is superior. Even better are long, randomly generated passwords which makes cracking them nearly impossible.
In regards to this specific attack, using Microsoft Office 2016 or 2019 documents or newer may not be effective, since office2john is designed to work on earlier versions of Office. However, as you can see above, Office 2016 may very well spit out a 2013 document without the user even knowing, so it doesn't mean a "new" file can't be cracked. Plus, there are still plenty of older Microsoft Office documents floating around out there, and some organizations continue to use these older versions, making this attack still very feasible today.
Today, we learned that password-protected Microsoft Office files are not quite as secure as one would be led to believe. We used a tool called office2john to extract the hash of a DOCX file, and then cracked that hash using John the Ripper and Hashcat. These types of files are still commonly used today, so if you come across one that has a password on it, rest easy knowing that there is a way to crack it.
In Excel and Word 95 and prior editions a weak protection algorithm is used that converts a password to a 16-bit verifier and a 16-byte XOR obfuscation array (page 60/119)[1] key.[3] Hacking software is now readily available to find a 16-byte key and decrypt the password-protected document.[4] Because it's only like a Vigenere Cipher.[citation needed] They can be cracked instantly with the help of precomputation tables.[citation needed]
In Office 2007 (Word, Excel and PowerPoint), protection was significantly enhanced since a modern protection algorithm named Advanced Encryption Standard was used.[3] At present there is no software that can break this encryption. With the help of the SHA-1 hash function, the password is stretched into a 128-bit key 50,000 times before opening the document; as a result, the time required to crack it is vastly increased, similar to PBKDF2, scrypt or other KDFs.
Office 2013, 2016 and 2016 employ AES-128 or AES-256 for encryption and 100,000 SHA-512 iterations for hashing. This resulted in a dramatic loss of performance for all password recovery tools. We can try about 50 passwords per second on a single Intel Core i7. Using a GPU (NVIDIA Tesla V100) accelerates the recovery speed to about 20,000 passwords per second. This low speed rules out pure brute force attacks for all but the simplest passwords (1 to 3 characters long). For all passwords that are longer than that, smart dictionary attacks are the only viable recovery method. The use of a GPU is absolutely required. For breaking long and complex passwords we strongly recommend running dictionary-based attacks on a distributed network (Elcomsoft Distributed Password Recovery).
This guide covers cracking a password-protected DOCX file1 created with Word for Mac 2011 (which employs the same protection algorithm as Microsoft Word 2010). It also largely applies to cracking any hash supported by hashcat (MD5, SHA1, NTLM, etc).
Test platform: a wildly unsuitable mid-2010 iMac with an Intel Core i3 processor and 256MB ATI Radeon HD 4670 graphics card, running macOS 10.12. We won't bother attempting a brute force / mask attack, since even a simple 6-character lowercase password could take as long as 19 years to crack on this hardware.
Building a Distributed Network in the Cloud: Using Amazon EC2 to Break Passwords "[...] Microsoft Office 2013 and 2016 employ a smart encryption scheme that is very slow to decrypt. Even the fastest available GPU units found in NVIDIA's latest GeForce GTX 1080 will only allow trying some 7100 passwords per second."
In older versions (below Microsoft Excel 2010), it doesn't even matter how long and complex your password is. Anyone who has at least some basic knowledge of VBA can crack it in minutes (here's an example of the VBA code that easily cracks passwords in Excel 2010 and lower).
Sub PasswordBreaker() 'Breaks worksheet password protection. Dim i As Integer, j As Integer, k As Integer Dim l As Integer, m As Integer, n As Integer Dim i1 As Integer, i2 As Integer, i3 As Integer Dim i4 As Integer, i5 As Integer, i6 As Integer On Error Resume Next For i = 65 To 66: For j = 65 To 66: For k = 65 To 66 For l = 65 To 66: For m = 65 To 66: For i1 = 65 To 66 For i2 = 65 To 66: For i3 = 65 To 66: For i4 = 65 To 66 For i5 = 65 To 66: For i6 = 65 To 66: For n = 32 To 126 ActiveSheet.Unprotect Chr(i) & Chr(j) & Chr(k) & _ Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & Chr(i3) & _ Chr(i4) & Chr(i5) & Chr(i6) & Chr(n) If ActiveSheet.ProtectContents = False Then MsgBox "Password is " & Chr(i) & Chr(j) & _ Chr(k) & Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & _ Chr(i3) & Chr(i4) & Chr(i5) & Chr(i6) & Chr(n) Exit Sub End If Next: Next: Next: Next: Next: Next Next: Next: Next: Next: Next: NextEnd SubPress F5 or click the Run button on the toolbar and wait a couple of minutes.
The macro will report a cracked password, which is not the original one (always some combination of A's and B's), but nevertheless it works. You do not need to remember this fake password or enter it anywhere. Simply click OK and the sheet is unprotected!
Tips and notes:
HII have office 365 and I wanted to remove protection from xlsx file. I converted it to xls (97-2003 file format) and run the macro. Macro run successfully and it generated a password however the protection was still not removed and i am still unable to copy the data. Appreciate if you can help.
Recover, remove or circumvent passwords protecting documents created with a variety of office suites. Break passwords to Microsoft Office documents and files in WordPerfect, Lotus, OpenOffice, Apple iWork and Hangul Office formats.
Hi, I have tried running the office licence pack on a 2008 R2 box with the KMS service installed on it, it already has the update to add support for 2012 and win7.When I run the install exe a cscript window comes up, stays blank and then disappears, any idea why? It never prompts for the Office 2013 KMS key.cheers in advance .Thanks
Microsoft Office passwords have been somewhat problematic for administrators. Suppose, for example, that a user password-protects a critical document and then leaves the company. In the past, an administrator would have little choice but to purchase a password-cracking tool for Office documents and launch a brute-force attack in an effort to determine the document's password.
The DocRecrypt tool is used to strip the password from (or assign a new password to) Microsoft Office 2013 documents. Previously, such documents might have remained locked forever in the event of a forgotten password.
Hi. I've been auditing Crossover on a Fedora 25 desktop. I am able to install Office 2013 32-bit but it will not activate. After I enter my email and password a pop-up dialogue states "Sorry, we cannot connect to your account. Please try again later." Any help would be greatly appreciated.
Les comparto mi experiencia: a mi no me funciono el comando regedit dentro de la botella de office 2013, pero le di clic a panel de control, administrador de tareas, archivo, nueva tarea y ahí escribí regedit y me funcionó! de ahí seguí los pasos para el registro de office, en local machine, software, office, 15 y eliminé registration y listo, funciono!! espero les sirva
I have an Office 2013 installer with a KMS key. It works on CrossOver 17.5.1 but not 18.0Entering the licence key prompts me to seek internet verification of the key which fails, and then it wants me to call support to get a installation confirmation number.I actually did this, and the Microsoft support staff told me the key was valid, but I needed help from the corporate team, so she forwarded me ... but the destination was out of office hours and end of call. 2ff7e9595c
Comments