Hacking Excel 2016 password. So long, and thanks for all the fish
Goddamn Reddit has removed my comment to some student’s request (https://goo.gl/OYHxnn
). Supposedly because of a link to our mega-cool password cracking software. Miserable fools! :)
The story is some fellow under the problemboy99 nick asks how to crack a password to Excel 2016. If he manages to crack it, he gets ‘passed’ for the exam or something like that. Easy money!
And then all those commenters start producing crap like ‘write a VBA macros’ or ‘open the file in OpenOffice’ and other bullshit…
Hey, people! Didn’t you read or what – the file is password protected! This is just a mean joke of the teacher, nothing more. The fellow will get his ‘passed’ in about couple of thousands years. That’s funny.
The reason is you can’t crack Excel 2016 password if you don’t have any knowledge about its structure. There are no tricks here, like guaranteed decryption of Excel 97-2003 documents (https://accessback.com
). Excel 2007-2016 are different in that. The only option left is exhaustive search. And since we know nothing about password structure, we have to try all of them. Like in ‘every single f**ing password variant’. Which means, a pitiful 7-characters password will be bruteforced in about several thousands years:
Too slow? Yup. And it won’t be much faster. Trust me: our software is extra optimized in terms of performance. Yes, you can scale it up by adding more faster GPU, but that is a much more expensive way. Not a twenty bucks way, at least. :)
The rating of GPU if you are interested - https://passcovery.com/password-recovery-software/gpu-performance.htm
So, how can one #breakpassword
This is possible only with due preparation and at least approximate knowledge or guess about what we seek. You better know something about the password structure, but the bare minimum is at least some speculations to start attacking the password.
While direct exhaustive search is ineffective, we have only two options left:
- Dictionary attack with mutations. Assuming the password is a word, a group of words or modified words (password -> p@$$w0rd), our software can attack the password using mutations in the specified dictionaries. Here is a video example - https://youtu.be/GIYLN1Uy8_M
- Extended mask attack. If you know at least something about the password structure you can try to compose a complex mask. In our software you can specify even such exotic rules as: the first symbol in the password is a capital letter, the second is a number only, then we’ve got a line of letters, and in the end – a number and a special character (P4hdJfy9!). That is a real-world example, by the way - https://passcovery.com/helpdesk/knowledgebase.php?article=53
Anyway, the fellow is hardly going to get his ‘free’ exam, but he never knows about it, because goddamn Reddit removed my comment. ;)
PS: Oh, of course, there’s always a possibility, that the password was set by a clueless idiot who managed to come to a ‘brilliant’ password 12345