Frequently Asked Question: Advanced Office Password RECOVERY or Advanced Office Password BREAKER?

May 20th, 2009 by Olga Koksharova

Time is money, difficult to contradict this fact. And another proven fact is that you lose something exactly when something turns out to be absolutely necessary. Once you lost a password to your Word document or presentation that you were going to give in an hour, or Excel report which was supposed to be sent to your manager yesterday… you will count seconds before you get back your files.

And so, the crucial difference between Advanced Office Password Recovery (AOPR) and Advanced Office Password Breaker (AOPB) lies in TIME needed for getting your data back.

The two programs have opposite approaches for decrypting the document contents. So, how do they work? Microsoft Office converts each password to its own encryption key. And so we can either search for the correct password itself or find the document encryption key. Accordingly, AOPR tries all possible passwords (using brute force/mask/dictionary attacks) to find the right one, whereas AOPB takes the document encryption key that you can use to decrypt the document and get your data back.

Since ElcomSoft developed special technology that uses precomputed tables for Word and Excel (Thunder Tables ™) with 40-bit encryption keys, it takes seconds to find Word and Excel encryption keys.

Find program differences reflected in the table:

Advanced Office Password Recovery Advanced Office Password Breaker
• works with all MS Office components (Word, Excel, Outlook, OneNote, Project, Visio etc)
• supports all versions (from ancient 2.0 for DOS to Office 2007)
• finds all kinds of passwords (to open, save, document/sheet protection, VBA etc)
• uses brute-force, mask and dictionary attacks
• does not guarantee finding long and complex password in real/reasonable time
• works with MS Word and Excel documents only
• supports Office 97/2000, as well as Office XP/2003 with default/compatible 40-bit encryption
• deals with file-open-passwords only
• uses encryption key attack
guaranteed key search and document decryption
instant key recovery using precomputed tables (Enterprise version only) with 100% probability for Word documents and 97% for Excel files

You see, it’s all about time. If you have time, you can use AOPR to recover lost password. If you have no time, use AOPB and attack the encryption key and decrypt your document instantly.


Tags: , , , , , , , , , , ,

Sign up for free ElcomSoft Password Recovery Software newsletter

46 Responses to “Frequently Asked Question: Advanced Office Password RECOVERY or Advanced Office Password BREAKER?”

  1. Patrick L. says:

    I own both programs and I am extremely happy with them. You guys are the best source on the planet for this stuff.

  2. Thanks for your kind words :)

  3. David says:

    I have 1 file that I need to break and like a fool I forgot the password after upping the standard encryption on the file to the 128 bit RC4, Microsoft Enhanced DSS. I am assuming that brute force will be by best option. Will AOPR work for me?

  4. Yes, AOPR will work. I recommend to try the dictionary attack first and then try brute-force. If you remember the password length and some symbols – you can apply mask to the brute-force.

  5. David says:

    Ok. Which version of AOPR do I need?

  6. David, it depends on the file format. Please see the supported file formats here:

    http://www.elcomsoft.com/aopr.html

    There is a table and the end of page.

  7. David says:

    Its an MS Excel 2003 file but like I said I upped the security to the 128 bit RC4, Microsoft Enhanced DSS and Diffie-Hellman. So Can I use AOPR or am I up sits creak? And which version?

  8. Home edition of AOPR is enough to find this type of password.

  9. Patrick says:

    Still waiting for PR for Office 2007.

  10. thao tran says:

    I use Home edition of AOPR to recover excel password. Can I stop and continue next day?

  11. Sure – you can stop password recovery and save the project. The project can be opened anytime and the recovery will start from last tested password.

  12. thao tran, of course. Look at [File] | [Open project], [Save project] menu items.

  13. BenK says:

    When I try and use the tables I get the error “Cannot find rainbow tables at this path” I copied the contents of the DVD to a USB drive. As a test, I tried to run them directly from the DVD and I get the warning about running them from the DVD and then get the same error as above.

  14. BenK says:

    My email was wrong in that last message, here is the correct one.

  15. Have you set the proper path to the pables in the program options? Press the Browse button (at the right of Use pre-computed hash tables), and select the right folder. For Word, it is the one that contains ‘0’..’5′ subfolders and missing.bin file; for Excel, it
    contains ‘0x62′ and ‘0x66′ subfolders.

  16. Humberto O says:

    I have an Access 2000 application, but the gay who manage this leave the company and no body nows the security password to acces the aplication, what software do you recomend for me.
    Thanks

  17. Humberto, what do you mean by “security password to access the application”? In any case, please try “Advanced Office Password recovery” first; if it will not help — I think your application uses some non-standard protection (not supported by our software).

  18. Bob D says:

    I have a Word 2007 encrypted document. The password is complicated. What is the VBA Backdoor? Will this help with my Word 2007 document? I don’t care what the password is as much as what is in the document.

  19. Bob D, if your document is protected by “file open” password the VBA Vackdoor will not help. This password is very strong and if it’s complicated – only dictionary attack may help. Also you can try to set a mask in brute-force attack if you remember the parts of password.

  20. Craig says:

    Can I log on as a guest on a remote computer, and recover a password if I have the screen name?

  21. Craig — sorry, no way. It is possible to get password hashes (to recover plaintext passwords from them) only having Administrator privileges.

  22. Ricardo says:

    Hola tengo un archivo de Excel 2003, pero codificado Microsoft Strong Cryptographic Provider, los programas de fuerza bruta y de diccionario no han ayudado, los he adquirido y me he arrepentido. La contrasena tiene letras minusculas, mayusculas y numeros y debe tener 10 caracteres. Su programa sirbe para acceder al archivo? Y si es asi que version. Gracia

  23. atsybulskaya says:

    Hola, Ricardo.
    Perdon per no haberle respondido antes. Es que, si el archivo contiene la codificacion Microsoft Strong Cryptographic Provider, no es posible garantizar la recuperacion de los datos(
    Ademas, ya has probado los programas de fuerza bruta y los ataques con el diccionario, entonces, si no lo consiguieron(aceder al archivo), nosotros tampoco podemos ((( lo unico que podemos ofrecerle es que trates de cambiar el diccionario, pero todavia no hay la garantia de recuperar la contrasena de 10 simbolos(

  24. Stevie says:

    I have about 20 Excel files, with a 97-2000 (RCA 40-bit) “file open” password on them.

    It appears the passwords are complex.

    I’m opting for Advanced Password Breaker Enterprise Edition; can you tell me how long the “Express Delivery” takes? (I am in Norwich, in the UK).

    Thanks,

  25. Usually, delivery trakes 3-4 days (we ship the disks from Canada).

  26. andy says:

    what the character which dosent recover.?????????

  27. Heiko says:

    Hallo

    Habe eine ältere Excel Datei mit einem PW versehen, welches ich vergessen habe. Habe den Passwort Breaker und lasse ihn momentan laufen. Zeigt mir fast 2 tage an! Ist das Richtig???.
    Desweitern zeigt euer scrennshot von dewm Programm in dem Feld Key einen Wert an.
    Muss der auch bei meiner Datei angezeigt werden? Bei mir ist das Feld nämlich leer!
    Noch eine kleine Frage:” muss das Proggie die gesamte Zeit durchlaufen oder wenn er das PW hat bleibt er stehen?”

    Vielen Dank für eine Antwort
    Heiko

  28. Heiko says:

    Sorry Schreibfehler
    Muss das Proggie die ganze Zeit laufen oder bleibt es stehen wenn es das PW gefunden hat?

  29. Hallo Heiko,
    wenn Sie eine Standard Version von Password Breaker benutzen, dann 2 Tage ist genau die Zeit, die das Proggie braucht. Das hängt von Ihrem System auch ab. Die Enterprise Version kann die Datei in Minuten entschlüsseln.
    Wenn das Programm das Passwort gefunden hat, bleibt es stehen. Dann sehen Sie in dem Feld Key den Entschlüsselungsschlüssel, damit Sie Ihre Datei öffnen können.

  30. Heiko says:

    Hallo

    Erstmal danke für die schnelle Antwort.
    Wie kann ich die Datei öffnen wenn in dem oberen Feld der Schlüssel steht?
    Ich muss ja aus dem Schlüssel irgendwie mein Password herausbekommen. Wie bekomme ich dann mein Password zu sehen. ich hoffe das die Frage nicht allzu anfängerlich klingt.

    Gruss Heiko Höer

  31. Klingt die Frage aber nicht anfängerlich :)
    Wenn Password Breaker den Schlüssel gefunden hat, zeigt es Ihnen den Schlüssel im Feld “Key”. Neben diesem Feld sehen Sie die Taste “Decrypt”. Klicken Sie auf diese Taste und speichern die Datei in einem beliebten Ort unter dem neuen Namen. Nun können Sie Ihre Datei öffnen und brauchen kein Passwort dazu.
    Ich hoffe, dass Sie Ihre Datei wiederherstellen :)

  32. vijendran says:

    …I have a protected word 2007 file (protected using 50,000 times of sha1, followed by AES-128). The password length is of 10 characters. Dictionary was attempted, but no password found. How long will AOPR take to recover the password in brute force search? (char set(68): A-Z, a-z, 0-9, 6 symbols).

  33. Obviously, brute-force attack on Office 2007 files won’t succeed for random 10-characters alpha-numeric passwords. It’ll take forever.

  34. Party says:

    {Great|Nice|Fine} {webpage|website|site}…

    Hey, this guestlistgen.com just linked to your webpage…

  35. Erika Gracida says:

    I forgot my password on a word document, I downloaded your trail version but it says:
    Safari can’t open the file “aopr_setup_en.msi” because no available application can open it.
    could you help me?
    Thanks!

  36. Nitish Kumar says:

    i am getting problem in using the AOPB.Everytime i use this software to decrypt a document the software crashes.I have read the help file but just cant use the software.plzzz help me.

  37. Peter says:

    I have an Excel 2007 file I am trying to open without any luck. No idea of the password. I downloaded some huge dictionary files (from theargonlistver and others), but on the large ones I keep getting an “out of memory” error or “invalid dictionary file” as soon as I run. These are pretty big files, .5 to 2GB. Have opened them up and they do appear to be in unicode for my character set. Any thoughts on how to debug?

  38. Betty Beckham says:

    I find that it is not able to recover the passwords I have set. Very disappointing.

  39. Ash says:

    Hi I used AOPB to decrypt one of my word files. The problem is, I got a very long key, which however, is not the password I set for the file. So I’d like to know if there is anyway to translate this key i got from AOPB to the actual password? Thank you!

  40. Ash,

    Unfortunately, no. This is just the encryption key — it is generated from the password, but there is no way to get the actual password back from the key. However, you can perform brute-force or dictionary attack on the password (which, of course, may fail on long and complex passwords).

  41. sylvie says:

    I have using MS Office 2000, i have lost password and it was important to recover my project work. Is it possible to recover password of office 2000. In which i can fix my pc issue.

  42. Mark Mitchell says:

    What are the limitations on the evaluation version?

  43. Mark Camaro says:

    Can I recover my password in MS OneNote 2013? using this software?

  44. Mike Lewis says:

    Can this software help to access password-protected discs? I have some 10-year-old Iomega Zip discs that are pw protected and I’d like to see what’s on them.

  45. Mike,

    Sorry, no. However, it seems that Iomega protection is weak, and it is possible just to reset the password (and there is no actual encryption). Here is the method I have found:

    http://insecure.org/sploits/zip-disk.password-problem.html

Leave a Reply