On 10/16/2012 04:15 AM, Tom Davies wrote:
> Hi :)
> This is pitiful. OpenSource sometimes has a reputation of being where
> reformed hackers go when they grow up or when they want more kudos. Maybe
> the devs list might have ideas? It's just 1 password! It can't be this
> tough! Maybe that reputation is just more FUD after all!
>
> Maybe try with Caps Lock off and then again with Caps Lock
> on. For some reason it recently seemed to make a difference if Num
> Lock was on, even when it was on i would have to switch it off and then
> on again. I thought it was just me but it's happened to me on a few
> different machines now and on all 3 OSes i commonly use. Hmm, it could still
> be me.
>
> Regards from
> Tom :)
Password cracking is not a "hacking" problem but statistical problem. On
a typical US keyboard there are 46 keys that generate 2 characters each
for a total of 92 possible characters for each character in a password.
If you have no restrictions on character use you have 92^x possible
characters in the password where x is the password length. If x is large
then the time to crack will increase very rapidly.
For example if your password is a word with or without simple
substitutions (eg. su6t1tUt10ns) and punctuation at the end it is
susceptible to a dictionary attack. If your password is random gibberish
(e.g. T"W.TI??R<X%L&"ckW@pgeiAl}C$YWH7mLa{;MbrDQ^>'qiWv*x"8|9.aiGJVK52 )
that includes any character on the keyboard in a random order then it
will take longer because a dictionary attack will not work and each
possible combination must be tested.The length of your password affects
how many possible guesses must be made. With a particular computer(s)
you have fairly fixed rate of how many guesses per minute you can
estimate the approximate time it will take to break a password. The
example above is 64 characters of gibberish and if you do not know what
the password length is you must each possible combination of characters
starting with 1 (or some other known minimum). Potentially you may need
to test 92^64 + 92^63 + 92 ^ 62 + ... + 92^1 possible combinations for
the password.
I use a password manager that I can set the length of the password to an
arbitrary length and have it generate string of gibberish that I do not
memorize. Anyone asking for my Facebook password in a job interview is
out of luck; I do not know it because I use a password manager and each
password I use is generated per account.
>
>
> --- On Tue, 16/10/12, Jean-Louis Oneto <[email protected]> wrote:
>
> From: Jean-Louis Oneto <[email protected]>
> Subject: Re: [libreoffice-users] Re: how to crack a PW in LO?
> To: [email protected]
> Date: Tuesday, 16 October, 2012, 1:40
>
> I used the following:
> http://www.crackpdf.com/
> but not the Pro version which allows to make brute force attack, but then,
> they warn you that it will take _a_long_time_ !!!
> To remove simple protections, it was really fast, but they unlock the file
> without retrieving the password (or at least they don't display it)
> Reards,
> Jean-Louis
>
> On 16/10/2012 00:23, Dr. R. O Stapf wrote:
>>
>>
>>
>> On 16.10.2012 03:32, Tom Davies wrote:
>>> Hi :)
>>> The trick is to try to remember what you might have been thinking about at
>>> the time. If that's even possible for anyone!
>>>
>>> There is no password cracking functionality or Extension for LO it's just
>>> the inept way MS fails to implement security. Just double-click on an xls
>>> or open LO and drop the xls into it or open LO and choose
>>> File - Open
>>> to navigate to and open the xls. File opens.
>>>
>>> My company's finance department asked me to add something to one of their
>>> spreadsheets but 'forgot' to tell me the password. One of them rushed down
>>> to give me the password but was somewhat mortified to find i had already
>>> made the change without having the slightest idea that there even was a
>>> password. There was a very cofusing conversation where neither of us had a
>>> clue what the other was talking about until i figured it out.
>>>
>>> The company still uses Excel and still attempts to 'protect' those
>>> spreadsheets with passwords that don't work. Occasionally people give me
>>> other files they want cracked which gives me a morale dilemma each time.
>>> Usually i just give a really half-hearted non-effort and then fob them off.
>>> Regards from
>>> Tom :)
>>>
>>>
>>> --- On Mon, 15/10/12, Dr. R. O Stapf <[email protected]> wrote:
>>>
>>> From: Dr. R. O Stapf <[email protected]>
>>> Subject: Re: [libreoffice-users] Re: how to crack a PW in LO?
>>> To: [email protected]
>>> Date: Monday, 15 October, 2012, 15:30
>>>
>>>
>>> On 15.10.2012 23:11, Andreas Säger wrote:
>>>> Am 15.10.2012 15:49, rost52 wrote:
>>>>> LO files can be protected with PWs when doing "save as".
>>>>> Fighting currently with an xls file and its lost PW, I wonder how LO
>>>>> files can be cracked? Can the
>>>>> MS related PW remover be used for LO as well?
>>>>> Thanks in advance for comments.
>>>>>
>>>>>
>>>> xls does not encript your document. The only thing that gets encrypted
>>>> is the password. Any old version of OpenOffice.org opens a password
>>>> "protected" xls ignoring the password.
>>> Thanks for the information. It seems that my version of LO 3.5.6.2 is too
>>> young to ignore the PW of
>>> an xls file.
>>>
>>> However, my question was how to open an LO file if the PW get forgotten
>>> (not and MS file)?
>>> Hints are welcome for the future.
>>>
>>>
>>>
>> Thanks to all of you providing me with lots of hints on not to forget
>> passwords or prepare in advance for it.
>> The SW I am using to crack an xls-file runs already for more than 60 h in
>> the background. It's a nothing to loose only to win job. 6 or 8 digits
>> alphanumeric no special characters is the PW used.
>>
>> Thereafter I will make a test cracking an LO file.
>>
>> The only thing which makes me wonder is that there are PW removing SW
>> commercially availabe which run demos and claim within 10 - 30 sec they
>> could remove the PW but open the xls file only when I purchase a full
>> license.
>>
>> Does someone has experience with such a SW?
>>
>>
> -- Jean-Louis Oneto
> email: [email protected]
>
>
> -- For unsubscribe instructions e-mail to: [email protected]
> Problems?
> http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
> Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
> List archive: http://listarchives.libreoffice.org/global/users/
> All messages sent to this list will be publicly archived and cannot be deleted
>
>
--
Jay Lozier
[email protected]
--
For unsubscribe instructions e-mail to: [email protected]
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted
