HAN.xlsx [Read-Only] - Excel at Microsoft Excel!
Home
Introduction
Excel
101
So, you're new to spreadsheet huh.. Check this out!
Excel
Formula
How to write an excel formula!
New Posts
Love
Meter
Who is Your Crush's Big Time Crush?
Unprotect
Sheet
Remove password from protected worksheets and workbooks!
Dictionary
Attack
Open password-protected excel file using a dictionary attack!
Projects
Gag
Love
Meter
Who is Your Crush's Big Time Crush?
Other
Gag
Coming soon!
Social Network
Excel
Facebook
Coming soon!
Excel
Twitter
Coming soon!
Games
Formulas
Financial Modeling
Developer
Passwords
Password Recovery
Unprotect
Sheet
Remove password from protected worksheets and workbooks!
Dictionary
Attack
Open password-protected excel file using a dictionary attack!
Brute-force
Attack
Learn how to open password protected Excel File! Coming soon!
About
HANxlsx
About
Me
A little intro..
Privacy
Policy
Privacy Policy!
Disclaimer
Disclaimer!

[back to top!]

Coming up next!

Chatting and updating status using excel spreadsheet like a boss!

Our next excel project is to create a facebook-like excel spreadsheet that works like facebook. You don't say.. :D

Stay tuned, people! More cool stuff is coming!

Wednesday, November 28, 2012

Part I: Open Your Password-Protected Excel File: A Dictionary Attack!

In cryptanalysis and computer security, a dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by trying likely possibilities, such as words in a dictionary.

A dictionary attack uses a targeted technique of successively trying all the words in an exhaustive list called a dictionary (from a pre-arranged list of values). In contrast with a brute force attack, where a large proportion key space is searched systematically, a dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words for example a dictionary (hence the phrase dictionary attack). Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short (7 characters or fewer), single words found in dictionaries or simple, easily predicted variations on words, such as appending a digit. However these are easy to defeat. Adding a single random character in the middle can make dictionary attacks untenable.

Ok, that's what Wikipedia says about dictionary attack. To better understand what dictionary attack is, please read the following story!

So, let's say you've got a password protected excel spreadsheet from your crush. Your crush told you that her number was somewhere in the file and you really liked to ask her out!

Then you decided to call your friend, a computer genius.. You really needed his help.. Your friend told you "Dude, why don't you try to open the file using her birthday? hmm.. Her pet's name.. her last name, her first name.. Hmm.. let me think.. Why don't we try combination of words from a, aa, aaa, aaaa, a1, aa1,aaa1, aaaa1, a2, aa2.. until we succeed.."

Ok, what kind of 'genius' is that.. Btw, that's what we called a brute-force attack..

It doesn't make any sense to use aaaa1 as password.. Doing that is a waste of time..
You want to find words that make sense..

TADAAA.. “Why don't I use my dictionary to help me figure out words to use as her possible password..” Let's start with A..

Well.. That is a dictionary attack! Well, good luck with your project!!

It will take.... hmmmm.. FOREVER.. to do it by yourself..

So, this little VBA program here, will help you do your homework! This is just a simple VBA program to help you understand how a dictionary attack works..

This chart explains how things work:



I will explain the VBA logic and how it works in the next post (part II).

For those who can't wait, download this program and use it to open this file.

-------------------------------------------------------------------------------------------------------------------------

To be continued! Part II: Open Your Password-Protected File: A Dictionary Attack!

Stay tuned!