导航

[CFNews] Elcomsoft公司宣布支持Office 2013密码破解

Posted on 2012-09-27 08:53  YiDiscovery  阅读(1621)  评论(0编辑  收藏  举报

俄罗斯著名密码破解软件提供商Elcomsoft昨晚发布更新,更新主要针对Elcomsoft Distributed Password Recovery(EDPR)以及Advanced Office Password Recovery (AOPR),更新后两款软件支持针对微软Office 2013文档的密码破解。

 

原文自Elcomsoft.com


ElcomSoft has recently updated two products recovering Microsoft Office passwords with Office 2013 support. Elcomsoft Advanced Office Password Recovery and Elcomsoft Distributed Password Recovery received the ability to recover plain-text passwords used to encrypt documents in Microsoft Office 2013 format. Initially, we are releasing a CPU-only implementation, with support for additional hardware accelerators such as ATI and NVIDIA video cards scheduled for a later date.

Stronger Protection

In version 2013, Microsoft used an even tighter encryption compared to the already strong Office 2010. To further strengthen the protection, Microsoft replaced SHA1 algorithm used for calculating hash values with a stronger and slower SHA512. In addition, the encryption key is now 256 bits long, while the previous versions of Microsoft Office were using ‘only’ 128 bits. While the length of the encryption key has no direct effect on the speed of password recovery, the slower and stronger hash calculation algorithm does. It’s obvious that Microsoft is dedicated to making subsequent Office releases more and more secure.

No Brute Force

While we continue supporting brute force attacks, brute force becomes less and less efficient with every new release of Microsoft Office even with full-blown hardware acceleration in place. Office 2013 sets a new standard in document encryption, pretty much taking brute force out of the question. This is why we continue relying on a variety of smart attacks that include a combination of dictionary attacks, masks and advanced permutations. Brute-forcing SHA512 hashes with 256-bit encryption key is a dead end. Smart password attacks are pretty much the only way to go with Office 2013.