openoffice-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Klaus Muth <m...@hagos.de>
Subject Re: Need Help - Solved, got help
Date Sat, 08 Mar 2014 06:46:06 GMT
Quick update.

Since I was really interested in password security of OpenOffice, Vanessa had
not much trouble to talk me into giving it a try. So I compiled an MPI
version of john and started it on my i7-2600 4-core 3.4GHz on 7 CPUs, John
chose to use the AVX extension (no fancy graphic card - so no NUMA or CUDA)

I had some infos (language + max pw length) from Vanessa.

It took a total of 77h of CPU time in incremental mode (no hit in single shot
and dictionary mode) to get a 7 character all lower case password with this
setup.

I was able to send back an unencrypted 433 pages book.

No, I'm not that interested - I won't do that a second time. I provided all
information needed to do it yourself.

Am 06.03.2014 15:02, schrieb Klaus Muth:
> Ok. Tried out. You need:
> 1. Encrypted OpenDocumentFormat File (i.e. your book)
> 2. John The Ripper from http://www.openwall.com/john/, I used
>    http://www.openwall.com/john/g/john-1.7.9-jumbo-7.tar.bz2
> 3. A Linux System (There is a Windows binary too)
> 
> - Now Download john, then untar it:
>     tar xvfj john-1.7.9-jumbo-7.tar.bz2
> - compile it
>     cd john-1.7.9-jumbo-7/src
>     make clean linux-x86-64-native
> - test it
>     cd ../run
>     ./john --test
> - get password hash:
>     ./odf2john.py MyImportantCrypted.odt > passwd
> - crack password hash
>     ./john passwd
> 
> In my example it took john 17 seconds to realize that my password was
> actually 123456 - which is of course the most commonly used password ever and
> so one of the first tested options:
> 
>  ./john passwd
> Loaded 1 password hash (ODF SHA-1 Blowfish [32/64])
> 123456           (MyImportantCrypted.odt)
> guesses: 1  time: 0:00:00:17 DONE (Thu Mar  6 14:43:10 2014)  c/s: 1132
> trying: 123456
> 
> You might need some kind of Computer Nerd and some fast hardware to crack
> your ODF Password, but that might be easy to get compared to writing your
> book again.
> 
> Using passwords on the only original of a file is generally a bad idea - you
> use them to secure a copy you want to send by mail or on a stick.
> 
> 
> Am 06.03.2014 13:11, schrieb Vanessa Silva:
>> Hello,
>>
>>
>> i’ve written a book, took me over 200 hours, saved it with open Office writer and
made a Password for it. Then i didn’t use the document in a while and now i forgot the Password.
Please help me, i Need my book back! Can i send you the document per E-Mail? can you erase
dthe Password? Please, i beg you. I Need it!
>>
>>
>> I’ll wait for your answer.
>>
>>
>> Vanessa Silva
>>
>>
>>
>>
>>
>>
>> Gesendet von Windows Mail
>>
> 
> 
> Freundliche Grüße
> 


Freundliche Grüße
-- 
Klaus Muth
HAGOS eG                   Industriestr. 62     fon:   (+49) 711 78805-7086
EDV-Programmierung         70565  Stuttgart     fax: (+49) 711 78805-957035
http://www.hagos.de            Germany                 mailto:muth@hagos.de

HAGOS Verbund deutscher Kachelofen- und Luftheizungsbauerbetriebe eG
Sitz:                      Stuttgart
Rechtsform:                Genossenschaft
Registergericht:           Stuttgart GnR 77
Vorstände:                 Guido Eichel, Ralf Tigges
Aufsichtsratsvorsitzender: Thomas Müller
USt.-ID-Nr.:               DE 147799748

-------------------------------------------
List Conduct Guidelines: http://openoffice.apache.org/list-conduct.html
To unsubscribe, e-mail: users-unsubscribe@openoffice.apache.org
For additional commands, e-mail: users-help@openoffice.apache.org


Mime
View raw message