[ILUG] word 97 decryption, half works !

From: Caolan McNamara (Caolan.McNamara at domain ul.ie)
Date: Tue 04 May 1999 - 18:19:35 IST


You might be interested in the current state of affairs with my attempt
to decrypt Word documents. I got some source that implemented the
Microsoft multiple-MD5-style hashing, and was able to verify that the
password was correct. I extended it to attempt to decrypt the various
streams that make up an encrypted Word document. So as it stands I am
able to decrypt the table stream correctly, but unfortunately only up
to a point, 0x200 to be exact (suspicious number, eh!).
the source is at

http://www.csn.ul.ie/~caolan/challenge/pass.tar.gz

The original encrypted table stream is the file en.01, and the semi-decrypted
file is the generated file "after". I wonder, is there a standard mechanism
that is used with RC4 to tweak the key after 512 bytes? The other thing
that's bothering me is that while Word is encrypted with 40-bit RC4, I seem
to be using 128-bit RC4?! (I'm sort of randomly hacking this one, I admit),
which is working; attempts to make it 40-bit end in failure. Hmm, leaps in
the dark, gagh! There are a slew of things wrong with the current
implementation in my head, but nonetheless the damn thing does actually
decrypt the first part of the file.

Someone with a better clue than me might be able to see some obvious problem
with this (massive optimism).

C.

Real Life: Caolan McNamara * Doing: MSc in HCI
Work: Caolan.McNamara at domain ul.ie * Phone: +353-61-202699
URL: http://www.csn.ul.ie/~caolan * Sig: an oblique strategy
Use an unacceptable colour
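An added worked example, not part of Caolan's post or of the pass.tar.gz he links: it reproduces the two symptoms he describes (decryption that is correct only for the first 0x200 bytes, and an RC4 key that "looks" 128-bit on a 40-bit scheme) against the key derivation Microsoft later documented for Office 97/2000 binary documents as "Office Binary Document RC4 Encryption" (MS-OFFCRYPTO, written here from memory and so an assumption, not something the post confirms). In that scheme a 5-byte truncated MD5 of the password and salt is concatenated with a little-endian 32-bit block counter and hashed again, the full 16-byte digest is fed to RC4 as the key (so the key schedule sees 128 bits of which only 40 depend on the password), and the counter, hence the key, changes every 512 bytes of the stream. No real encrypted file is available here, so the salt, verifier and plaintext are constructed; the code encrypts its own data and checks that decrypting with one fixed block-0 key recovers exactly the first 512 bytes and nothing after.

```python
"""Office 97/2000-style RC4 with 512-byte rekeying (added example, not the post's code).

Key derivation follows MS-OFFCRYPTO 2.3.6.2 as remembered by the editor; treat
the exact constants (5-byte truncation, 16 repetitions, LE32 counter) as an
assumption to be checked against a real file.
"""
import hashlib
import struct

BLOCK_SIZE = 0x200  # Word restarts RC4 with a fresh key every 512 bytes


def rc4(key, data):
    """Plain RC4: key-scheduling algorithm, then PRGA XORed over data."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(byte ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def truncated_hash(password, salt):
    """Password + 16-byte salt -> 5-byte intermediate hash (assumed derivation)."""
    h0 = hashlib.md5(password.encode("utf-16-le")).digest()[:5]
    intermediate = (h0 + salt) * 16          # 16 * (5 + 16) = 336 bytes
    return hashlib.md5(intermediate).digest()[:5]


def block_key(trunc, block):
    """RC4 key for one 512-byte block: MD5(5-byte hash || LE32 block counter).

    All 16 digest bytes go into RC4, which is why a tool "seems to be using
    128-bit RC4": the key material is 16 bytes, but only 40 bits are unknown.
    """
    return hashlib.md5(trunc + struct.pack("<I", block)).digest()


def crypt_stream(trunc, data):
    """Encrypt or decrypt a whole stream, rekeying RC4 at every 512-byte boundary."""
    out = bytearray()
    for block, off in enumerate(range(0, len(data), BLOCK_SIZE)):
        out += rc4(block_key(trunc, block), data[off:off + BLOCK_SIZE])
    return bytes(out)


def make_verifier(trunc, verifier):
    """EncryptedVerifier and EncryptedVerifierHash share one block-0 keystream."""
    ks = rc4(block_key(trunc, 0), verifier + hashlib.md5(verifier).digest())
    return ks[:16], ks[16:]


def check_password(password, salt, enc_verifier, enc_verifier_hash):
    """Password check: decrypt verifier and its hash together, compare MD5."""
    trunc = truncated_hash(password, salt)
    plain = rc4(block_key(trunc, 0), enc_verifier + enc_verifier_hash)
    return hashlib.md5(plain[:16]).digest() == plain[16:]


def demo(password="hunter2", size=1300):
    """Encrypt constructed data, then compare per-block decryption with a single key."""
    salt = bytes(range(16))                 # constructed; a real file stores its own
    verifier = bytes(range(16, 32))         # constructed random verifier
    plaintext = bytes((i * 7) & 0xFF for i in range(size))  # constructed stream
    trunc = truncated_hash(password, salt)
    ciphertext = crypt_stream(trunc, plaintext)
    ev, evh = make_verifier(trunc, verifier)
    # One block-0 key across the whole stream: right up to 0x200, wrong after.
    single_key = rc4(block_key(trunc, 0), ciphertext)
    return {
        "password_ok": check_password(password, salt, ev, evh),
        "wrong_password_ok": check_password("wrong", salt, ev, evh),
        "roundtrip": crypt_stream(trunc, ciphertext) == plaintext,
        "single_key_prefix_ok": single_key[:BLOCK_SIZE] == plaintext[:BLOCK_SIZE],
        "single_key_rest_ok": single_key[BLOCK_SIZE:] == plaintext[BLOCK_SIZE:],
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The "single_key" result is the 0x200 boundary from the post: a stream decrypted with the block-0 key alone is correct for exactly 512 bytes, after which both the key and the keystream position are wrong. Forcing RC4 to a 5-byte key fails for the same reason the 16-byte key "works": the cipher is keyed with the whole digest, and the 40-bit figure describes the entropy, not the key length handed to the key schedule.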



This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:04:10 GMT