
Crack password - RC4 40 bit decryption of documents - second part

Updated on April 2, 2013

Ok, not much introduction; we will jump directly to the subject matter. If you want some basics on what we are talking about, please read my earlier article - Crack password of documents - Word, Excel, Pdf - security concerns.

This article is for learning purposes only; it shows the weakness of the legacy RC4 40-bit encryption used on documents.

As explained in my previous hub, we will brute force the encryption key instead of the password, which is the easiest feasible way. So we need to validate each possible key in the key space against the ‘verifier hash’ that is stored in the RC4 encryption header of the document (Word/Excel).

RC4 Encryption Header

Now we will check the document RC4 header structure and see what is stored there.


EncryptionVersionInfo (4 bytes): Version information of the product or feature, in our case the encryption. It has two parts – version major and version minor – and both should be 1 (0x00001), which tells us this is the RC4 encryption.

Salt (16 bytes): A randomly generated array of bytes, which is the salt value used during password generation.

EncryptedVerifier (16 bytes): An additional 16-byte verifier encrypted using a 40-bit RC4 cipher. Read more about this here.

EncryptedVerifierHash (16 bytes): A 40-bit RC4 encrypted MD5 hash of the verifier used to generate the EncryptedVerifier field.

Simply put, we need all three fields – Salt, EncryptedVerifier and EncryptedVerifierHash – to compute a final decrypted verifier hash, which is then compared against the result for each key in the key space (brute forcing). If a match is found, that is our actual key, which can be used to decrypt the document content.

How to read the document header?

Microsoft Word and Excel files are compound (OLE) documents, which means a single file holds several sections (objects), each carrying a different type of information. So our RC4 header is stored in one section, the encrypted content in another, and so on (this is called OLE Storage).

It is a good idea to use an OLE programming method to read the file, so that we can read the RC4 header information directly instead of searching and seeking through the file to reach the correct position of the RC4 header.

Each section of the file (OLE storage) has a unique name which can be used to access that particular section. The RC4 header section is named “1table”, so in our code we will access this section through OLE by that unique name (a Word document has other sections too, such as "0table", "worddocument", etc.).

For programming on the .NET framework, we can use the interop services available in .NET (System.Runtime.InteropServices) with a Win32 API call into "ole32.dll". If you are comfortable with any other OLE implementation, that is fine too; the choice is yours. And if this is not just for testing and you really want to develop something robust, then I suggest C or C++, maybe with VC++ .NET.

// P/Invoke declaration of the Win32 StgOpenStorage API (standard ole32.dll signature, here with
// the COM interface pointers declared as IntPtr so no IStorage interface definition is required).
[DllImport("ole32.dll", CharSet = CharSet.Unicode, ExactSpelling = true)]
public static extern int StgOpenStorage(
    [MarshalAs(UnmanagedType.LPWStr)] string pwcsName, // path of the compound (OLE) file
    IntPtr pstgPriority,                               // IStorage* for priority mode, normally IntPtr.Zero
    uint grfMode,                                      // STGM access/share flags, e.g. STGM_READ | STGM_SHARE_EXCLUSIVE
    IntPtr snbExclude,                                 // elements to exclude, normally IntPtr.Zero
    uint reserved,                                     // must be 0
    out IntPtr ppstgOpen);                             // receives the IStorage* of the opened root storage

Once we read the content (stream) of the “1table” section, we take the first 52 bytes of the ‘1table’ stream, which hold all the details we need to brute force.

The first 4 bytes hold the version major and version minor info. As mentioned above, it should be 1 (0x00001) to ensure that we have a proper version of the encryption header.

The next 16 bytes are the Salt.

The next 16 bytes are the EncryptedVerifier, and the

last 16 bytes are the EncryptedVerifierHash.
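As an added example (not code from the original hub or from the linked sample project), here is a small Python parser for the 52-byte header layout just described, plus a classifier a defender can run over extracted "1table" streams to flag files that still rely on the legacy 40-bit RC4 header. The sample stream is constructed inline; how the stream is pulled out of the OLE container is assumed to be handled elsewhere.

```python
import struct
from dataclasses import dataclass

# Legacy RC4 EncryptionHeader at the start of the "1table" stream, 52 bytes in total:
# EncryptionVersionInfo (4) + Salt (16) + EncryptedVerifier (16) + EncryptedVerifierHash (16).
RC4_HEADER_LEN = 52

@dataclass(frozen=True)
class Rc4EncryptionHeader:
    version_major: int
    version_minor: int
    salt: bytes
    encrypted_verifier: bytes
    encrypted_verifier_hash: bytes

    @property
    def is_legacy_rc4(self) -> bool:
        # Both halves of EncryptionVersionInfo are 1 for the legacy 40-bit RC4 header.
        return self.version_major == 1 and self.version_minor == 1

def parse_rc4_header(stream: bytes) -> Rc4EncryptionHeader:
    """Split the first 52 bytes of a '1table' stream into the four header fields."""
    if len(stream) < RC4_HEADER_LEN:
        raise ValueError(f"stream too short for an RC4 header: {len(stream)} < {RC4_HEADER_LEN}")
    # EncryptionVersionInfo is two little-endian 16-bit values: vMajor, then vMinor.
    v_major, v_minor = struct.unpack_from("<HH", stream, 0)
    return Rc4EncryptionHeader(v_major, v_minor, bytes(stream[4:20]),
                               bytes(stream[20:36]), bytes(stream[36:52]))

def classify_1table(stream: bytes) -> str:
    """Label a scanner can use to flag files still protected by 40-bit RC4."""
    try:
        header = parse_rc4_header(stream)
    except ValueError:
        return "no-encryption-header"
    if header.is_legacy_rc4:
        return "legacy-rc4-40bit"
    return f"other-header-v{header.version_major}.{header.version_minor}"

# Constructed sample stream (not from a real document): version 1.1, three recognisable
# 16-byte fields, then a few bytes of unrelated stream content the parser must ignore.
SAMPLE_1TABLE = (
    struct.pack("<HH", 1, 1)
    + bytes(range(0x00, 0x10))   # Salt
    + bytes(range(0x10, 0x20))   # EncryptedVerifier
    + bytes(range(0x20, 0x30))   # EncryptedVerifierHash
    + b"\xff" * 8                # trailing stream bytes, ignored
)
```

Any version pair other than 1.1 means the stream does not start with the header this article describes, so the classifier reports it separately rather than guessing.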

Well, now we have got all the required information to brute force the key. And we use these details to build the final decrypted verifier hash to compare against each key in the key space.

So here we have two main things to do:

1. Write an algorithm to enumerate all keys in the key space. You may search the net for a piece of code that outputs every key in a 40-bit key space one by one, or you can write your own. It is just looping through... yes, our “for (int i = 0; ...)” stuff only.

2. Write the code that creates the ‘decrypted verifier hash’ from the header details (salt, encrypted verifier, etc.) to validate against each key. I have given a link below to some sample code; go through the link and try it yourself. My time is limited now, and when I get time I will probably write fully optimized code to test this and add a link here.

Then, finally, match the ‘verifier hash’ for each key, and if we find a match – the decrypted verifier hash matches for that key – we have got the key to decrypt the document content. Use an RC4 decryption algorithm to decrypt the content with the key, and once decrypted, save the changes. Our document should now be unprotected; enjoy.

Here is the link to the sample source code. Note that in this code the Word file is accessed via direct file stream operations (File.OpenRead), not the OLE method. When I tried it, the code failed to show me the RC4 encryption header details. Then I did some searching on the net, changed the file reading to OLE, read the “1table” stream, and it worked well. I also had to make some minor changes. So test it yourself and learn; it is interesting (to me at least ;-))

And a final word: there are tools called guaword and guaexcel which do all of this. You can download demo versions of them, and the beta version is free. But no source, obviously!

Let me know if you like this hub and your comments.

Comments


    • learner, 4 years ago

      I like this post very much,

      I checked the link you maintained in your link http://offcrypto.codeplex.com/releases/view/22783

      but it's not working, and you also said in your post it's not working, but when you use file reading via OLE and read the 1table stream it works.

      Can you now please provide me your working sample for this to decrypt the Word file.

      thanks.

    • dashka, 5 years ago

      how to sample source code OLE ABOUT help implementation

    • dashka, 5 years ago

      throw new Exception("Incorrect Version"); error word password help me

    • varun, 5 years ago

      The comment in the sample code says that "the key is always 128 bit", but the key should be 40 bits! What does that mean?

    • yd, 6 years ago

      You rock, man...

    • psf (AUTHOR), 7 years ago from Canada

      If you want to do it programmatically, you need to search on the internet using the knowledge you earned from this article (try RC4 decryption algorithm or MD5). Or if your intention is just to decrypt the document, search for guaword and it should help you. Its basic version is free.

      Thanks

    • Flávio Freitas, 7 years ago

      I have an encrypted Word 97 doc and I know the initial first characters of the same file. How can it be helpful to extract the rest of the text? Or, what can be more fun, the password? If you can, please send a mail to zz4fff (AT) yahoo.com.br. Thanks!

    • psf (AUTHOR), 7 years ago from Canada

      Hi chip19, thanks for your comment.

      There is an extra ")" in your link, hence I have given the correct link below again:

      http://offcrypto.codeplex.com/releases/view/21506

      thanks again.

    • chip19, 7 years ago

      Thank you very much for writing this article. I did a lot of research into cracking Word passwords, and I heard that 97-2000 used 40-bit RC4. However, it wasn't until I read your hub page that I understood exactly how it worked.

      One thing I would add for people who want to try to implement this on your own -- make sure you do use the ManagedRC4 (available from the same site as the above source code -- http://offcrypto.codeplex.com/releases/view/21506)... This implementation of RC4 differs from the usual implementation, and is required for the verification to actually work.
