Friday, August 17, 2007

Password Cracking and Security: Part 2

This will show you how to break the encryption on a zip file, word document, and excel document. The tools and methods shown here are just some of the many ways to get a password. There are things called exploits which could allow an attacker to get in even faster... but for now lets take a look at Brute Force and Dictionary attacks. NOTE: This tutorial doesn't recommend you crack passwords that don't belong to you. It is meant be used for password recovery and password strength testing.

Tools needed:
Excel_crackers_setup.exe (mirror)
Zip Password Finder (mirror)
abc.doc (word doc I made with password... see if you can get access)

These programs have been tested and they work with not only the older versions of office, but also newer ones...

  1. Microsoft Word / Microsoft Excel
    This method will work on either a word or excel file, it doesn't matter which you choose.
    First create(or open) a password protected Microsoft Word or Excel document; type some information into it so that you will be able verify you have unlocked the document.
    To enable password click tools--> options --> security, and enter password, click ok and save the document. (Visual here)

  2. Next download and install excel_cracker_setup.exe
  3. You should get a
    window that looks like:
  4. In the name box type or click the icon and browse, to enter the password protected word/excel file you created.
  5. You have 2 options: Brute Force attack! and Dictionary attack (see Password cracking part 1 for more info). If you do a dictionary attack you must select a word file... and it has to be text. For this demonstration select only Brute Force attack

  6. Further options include:
    - All printable (meaning all characters able to be typed)
    - Latin small symbols [ a...z] (lowercase letter)
    - Latin capital symbols [A...Z] (UPPERCASE letters)
    - Digits [0...9] (numbers)
    - Special symbols [1@#$...] (can you guess this one?)
    - Space [ ] (its like outer space...)

  7. You can set the Minimum Length and Maximum Length of the passwords you want try. But here is where things get a little sticky. See chart below to see what I mean. (click to see it larger)

    A ten character password with both symbols and letters (no caps) will take over 960000 years to crack.
ZIP Archives
In order to crack zip archives it is very similar but here are the step by step instructions.
  1. Download: Zip Password Finder
  2. Once you have opened the program (it installs to the start menu),
  3. Click "Open File" and select the zip file you wish to crack.
  4. Next, pick the "charType Property" which will be the character set that is used for the Brute Force. (you should understand from the other demonstrations, so I don't have to re-list the distinctions.)
  5. You may also want to select "Max password Length:"
  6. Go get a drink and find something productive to do while you wait :-)

    The best thing that you can use this for is to test how fast someone could crack your password or if you have forgotten the password to a word, excel, or zip file. Once you have cracked (or failed to crack) your password, you can make an assessment as to whether or not you need to change it. (If your password is over 10 charters, I expect you know better than to wait 100+ years to find out it is safe :-P )

IBIOS ( BIOS cracking
Cain and Able................................ OS PWD cracker /Net spoofer
007PeepPassword..........................view password under asterisks
Archpr.................................... rar, zip, pkzip, ARJ/ACE + more good resource for free and paid tools.