::: Recover MS Excel 2007 Password ::: (Not all 2007 versions) :::

Hello All,

Many times, we face this situation of having a document and we dont remember the password.

many a times it is MS Office suite files, which are basically Compound documents consisting of XML metadata.

There are several tools available to recover MS excel 2007 password.
however, all tools are paid and you have to spend a lot to use those tools.
Here I am gonna show you, how you can remove password of MS excel 2007 manually, without using any tool.

MS Excel 2007 have different types of file with file extentions like :xlsx, :xlsm, :xltx, etc.
these file types are called Open XML because these file type contains XML files.
You can see XML documents which makes excel spreadsheet by changing its extension to zip.
Only use 7-Zip to extract or Open these compound documents, it might give error if you use WinZip or WinRAR.
You can remove excel password by editing Open XML files. Follow the steps given below to remove password of password-protected excel files.
1. Create backup of the password-protected excel file.
2. Rename the file extension to .zip from .xlsx.
3. Now extract the whole content of zip file, by ONLY using 7-zip and NOT WinRAR/WinZip
4. Search for xml format of targeted sheet. there you will find it in ‘xl -> worksheets’ directory.

doc1
5. Open the xml file of targeted sheet in xml editor.
6. Now search for ‘sheetProtection’ word in that xml file and remove it.

doc2
7. Save this edited xml file and replace it with old xml file in zip files.
8. Now change the extension from .zip to .xlsx.

Now you can double click on this spreadsheet, it will open normally it will not prompt for any password.

This method will work only for earlier versions of MS Excel 2007,

:::NOTE:::
There have been some fixes, and also the way these compound documents are created, so maybe some 2007 and later versions, this trick may not work the same.

 

So for those files, the only last option remaining is to Brute-force the password by utilizing the GPU and CUDA, which can easily take from seconds to weeks, depending upon the complexity and the character set involved in the actual password and the system resources [CPU & GPU].
As MS keeps us all busy on Tuesday’s 🙂

Thanks

Nitin Kushwaha

ACA.ACSP.RHCSA.RHCE.CHFI.CEH.SCSCA.CIW-SA.MCSE.MCSA.MCP.ITIL

Advertisements
Categories: Basics, ComputerForensics, DigitalForensics, Ethical Hacking, Googled, Hacking, Hot and Latest, Microsoft Windows, MyOwn, Office, Personal, Techno, Uncategorized, Windows Vista | Leave a comment

AI — Artificial Intelligence, Hacking the Game, not as Human-Being.

AI — Artificial Intelligence, Hacking the Game, not as Human-Being.

In my Previous article, I showed you how to manually hack the Diamond Dash Game, which is still time consuming…
When you play Diamond Dash game,

clicking again and again is too tiring for some.

here i present you an Artificial Intelligence part, which plays the game for you,
yes , almost like a Human-being.

Follow the steps:

either search for DiamondDash FACILE.exe
it is 336kb in size.

and I am uploading it as well on some site.

http://www.4shared.com/rar/mnl-89pb/DiamondDash_FACILE.html

Step1> Start your game inside mozilla firefox, dont click PLAY untill now… wait
Step2>start Cheat-Engine–>select the plugin/ process normally thats the second one.
step3> Start the DiamondDash FACILE.exe

now the language needs to be set to english, follow my screenshots attached.
then you need to MAP the co-ordinates with that of your game screen.
while doing this the game should be started with the cheat engine speed reduced to 0.4x or 0.5x
if you can manage try 0.3x for scoring maximum.

once the mapping is complete, then select the AUTO checkbox inside DiamondDash FACILE.
and the rest is the Game AI will continue…

 

 

 

 

 

 

this only works for Mindjolt Diamond Dash.
Hope this helps,

This is only for FUN ♥

Thanks

Nitin Kushwaha

RHCSA.RHCE.CHFI.CEH.SCSCA.CIW-SA.MCSE.MCSA.MCP.ITIL

Categories: Basics, Browsers, Ethical Hacking, Googled, Hacking, Hot and Latest, Microsoft Windows, MyOwn, Personal, Press Info, Techno, Uncategorized | Leave a comment

Everything is Fair in LOVE ♥ WAR ♥ and GAMES ♥

Hey Fellas,

Everything is Fair in LOVE, WAR and GAMES !

last week, I started playing games on Facebook,
I had seriously spent more than 28-48 hours at a stretch, just to WIN.
and I did WIN a GOLD MEDAL in Diamond Dash game.

This was my hardwork,

later, I did realized that it was a Weekly tournament,
and so i will need to keep up with my score for the next week as well.

Hmmm…
so, I found another way out!

Hacked the Game — Simple.

These all games on Facebook are normally SWF (FLASH) based.
and now recently Facebook has started Securing them with the use of ActionScript3 (AS3) and FBML

using AS3, we can use the Get/Set method’s which are used to prevent the in-memory values from changing.
however, these games when running have to write in memory to keep a track of the scores, lives…etc.

and Flash is known to save the values in the multiples of 8.
we wont go into memory hacking for now.

Just to keep it simple.

we will look at 3 different options of using these for Hacking the Facebook Diamond Dash Game.
the same options can be used with many games.

we will just focus on Diamond Dash.

we have 3 options:::

1> using a add-on for Mozilla Firefox
Leethax version:2012.09.25b
download it from:
http://leethax.net/

2>using Cheat Engine any version upto v6.2
download it from:
http://cheatengine.org/

3> there are many more tools for In-Memory Scanning, Debugging and Editor
Cheat-Engine is All-in-One, then there is TSearch and so..on.. and so forth.

Lets get started.

I have included my screenshots, and i have removed some of my Friends name.

However, the Credit goes to my FRIENDS ♥

Step 1:

We use the option 1, and download the LEETHAX plugin extension,

it will get install, and then ask for a reboot of the Firefox browser.
my Firefox is version 15.0.1

after installation, just play games on Facebook, if the logo is shown of leethax, then you can click on it and see what options are available, in Facebook Diamond Dash, i get the option to Freeze, and increase points.

the picture below shows the logo of Leethax.net

here are the options within the Diamond Dash game.

and you can start, Freeze the time, and play as much you want…

as you can see now, i have +99 extra LIVES, and other Magic bomb, and Color splash too…

Step 2:

We use the Cheat Engine — It is a In-Memory Scanner & Editor

however, we are only using it for Increasing the speed and Decreasing the speed of our Diamond Dash game.

by using the Enable SpeedHack option

the normal speed is 1.0x, 0.5x is half,

when you want to get FREE LIVES in Diamond Dash, just set the Speed to max 200 and wait for 30 seconds approx, it will get you 5 LIVES for free, YES!!! you dont need to spend money to buy them…

and remember always to APPLY changes by using the Apply button within the Cheat-Engine.

when you are at the ” Play ” option , you can just set these above options, reduce the speed, and apply and then click “PLAY”


I am using Mozilla Firefox, so whenever a Flash game, or video is played then the Plugin-container / Flash plugin is running in the process-listing, normally i have found that the second one is the right one which contains the game.

please try to play only one game at a time, if using Cheat-Engine.

because Cheat-Engine will capture the memory address and when you freeze the game it just keep those memory addresses in memory…

There is lot more…

Hope you all like this tutorial,

I really played this Game for approx 36-42 hours and i had won, but then putting in so much time for a game, for a person like Me, no way, so i had to find the way out, and here is the proof, and i wrote this tutorial so that my Friends can know that now my scores are only hacked ones…

Except for Bricks Breaking… ♥ (I am not able to trace the memory address)

I also have the source code for the three major games on facebook.

1>Diamond-Dash, 2> Angry-Birds, and  3> Mindjolts Bricks Breaking.

This is only for FUN ♥

Thanks

Nitin Kushwaha

RHCSA.RHCE.CHFI.CEH.SCSCA.CIW-SA.MCSE.MCSA.MCP.ITIL

Categories: Basics, Browsers, Ethical Hacking, Hacking, Hot and Latest, MyOwn, Personal, Press Info, Techno, Uncategorized | Leave a comment

♥ FinFisher – FinSpy ♥ from Gamma International, Governmental IT Intrusion tools

Hey Fellas,

As i had discussed and named “FinSpy”

we will look into it now.

The British government allowed snooping technology to be exported to repressive foreign regimes, including Iran.
Indeed, for a while now privacy outfits have been wondering how this country got its paws on some natty software to spy on its people.

Later there were reports that Gamma International was also selling “FinSpy” technology to the now-fallen Egyptian government of Hosni Mubarak,
which was used to hack into people’s email accounts or simply take full control of their PCs.

http://www.finfisher.com/FinFisher/en/index.php

Have a look at these videos:: and you can think how safe we are in this world of Networked Trojans…

FinFisher Trojan tools

FinFly ISP

Finspy

Finspy mobile

Fintraining

and guess, the Whole Package, as a Kit

Fintrusion kit

I found one trojan trace… and thats how i came to know of this.

Who knows, how many Government of India’s PC’s / Network are already infected with such similar tools.

and ya, forget the end-user’s, who just clicks any links… may god help them ♥

Hope this helps!

Thanks

Nitin Kushwaha

RHCSA.RHCE.CHFI.CEH.SCSCA.CIW-SA.MCSE.MCSA.MCP.ITIL

Categories: ComputerForensics, DigitalForensics, Ethical Hacking, Googled, GSM, Hacking, Hot and Latest, IncidentResponse, Linux, MediaAnalysis, Microsoft Windows, Mobile Forensics, MyOwn, Office, Penetration Testing, Personal, Press Info, Techno, Uncategorized, Windows Vista | Leave a comment

Google Drive. Keep everything. Share anything:: Another Cloud Service (SaaS)

Hey Fellas,

Google India just launched today their new “Google Drive. Keep everything. Share anything.”
it’s Free upto 5gb per account, and additional 2.50$ a month for upgrading from 5gb to 25 gb.

It’s just Google Docs New Home…

sounds good.

here is the product video:

Hope this helps!

Thanks

Nitin Kushwaha

RHCSA.RHCE.CHFI.CEH.SCSCA.CIW-SA.MCSE.MCSA.MCP.ITIL

Categories: Googled, MyOwn, Personal, Press Info, Uncategorized | Leave a comment

Memory Forensics :: Treasure Hunt inside 0’s and 1’s ::

Hey Fellas,

Many times, my friends and my colleagues have asked me regarding how-to’s and what is it that one can finally get out of the Memory Forensics ???

In the year 2006/2007, i did however was able to extract the WinZip password of a given archive from the memory.

there are many applications currently in use, i don’t want to name them specifically, again you can call it a Treasure Hunt.

There was a Demonstration in 2007/2008 by students of Princeton University, which can be found here

https://citp.princeton.edu/research/memory/

this demonstrated how one can easily find and recover the encryption keys for the WDE/FDE encryption softwares.

However, we will be focussing on Memory Forensics and Analysis here.

so, first things first…

Acquiring the volatile memory contents from a system is a relatively new trend to acquire, and when it comes to collecting volatile data. It wasn’t until the recent years that we learn how to analyze this data in order to extract the valuable data contain within the volatile memory.

The Treasure or the valuable data that can be found inside the memory consist of the following, not limited to…

  • Unencrypted password’s
  • Current processes and loaded DLLs
  • Network connections / Sockets
  • Registry entries / hives that were loaded at the time this memory dump was taken
  • Malware – Adwares – Keyloggers – Traces and Handles / hooks to the Kernel

For, Acquiring this memory dump, there are lot of tools available like:

FTK Imager, DumpIt, FastDump, DD, MemDump…etc

There are also some Firewire based techniques, however, not all Server’s or Desktops have them enabled either Physically wired to the cabinet from the motherboard, and some just don’t exist.

Will continue further…

Hope this helps!

Thanks

Nitin Kushwaha

RHCSA.RHCE.CHFI.CEH.SCSCA.CIW-SA.MCSE.MCSA.MCP.ITIL

Categories: Basics, ComputerForensics, DigitalForensics, Googled, Hacking, Hot and Latest, IncidentResponse, Microsoft Windows, MyOwn, Personal, Press Info, Registry, Techno, Uncategorized, Unix | Leave a comment

Tracking and Recording spy-ware

Fellas,

Something new and different to share,

A new spyware which infected many of one HTC phone running windows 5.5 O/S, also there are Android ones in the wild…

This spyware was installed in the phone, and it was recording the coming and goings of the owner and leaving a .xml of all recorded GPS locations on this  said phone,contacts etc and the owner could not turn it off or delete it from doing so.

Just think… Are we Secure,

What about an Individual’s so called Privacy ???

Ever Heard of FinFisher ???

will write about it…

Hope this helps!

Thanks

Nitin Kushwaha

RHCSA.RHCE.CHFI.CEH.SCSCA.CIW-SA.MCSE.MCSA.MCP.ITIL

 

Categories: Basics, Browsers, ComputerForensics, DigitalForensics, Ethical Hacking, Googled, GSM, Hacking, Hot and Latest, IncidentResponse, Microsoft Windows, Mobile Forensics, MyOwn, Penetration Testing, Personal, Press Info, Red Teaming, Techno, Uncategorized | Leave a comment

HDD Low Level Format

Hey Fellas,

A few days back, I was having a conversation with my friend, and we came to the topic of Low Level Formatting of HDD, which use to exist under the older versions of PHOENIX and AMI Bios Chips in the early 2000, which is no longer supported in current versions of the Bios.

however, there are some tools like  http://hddguru.com/software/HDD-LLF-Low-Level-Format-Tool/

Supported OS: MS Windows XP, Vista x32/x64, 7 x32/x64, Server 2003, 2008, 2008R2

HDD Low Level Format Tool is a utility for low-level hard disk drive formatting.

  • Supported interfaces: S-ATA (SATA), IDE (E-IDE), SCSI, SAS, USB, FIREWIRE.
  • Big drives (LBA-48) are supported.
  • Supported Manufacturers: Maxtor, Hitachi, Seagate, Samsung, Toshiba, Fujitsu, IBM, Quantum, Western Digital, and almost any other not listed here.
  • The program also supports low-level formatting of FLASH cards (SD, MMC, MemoryStick and CompactFlash) using a card-reader.

This HDD Low Level Format utility is free for home use. It can erase and Low-Level Format a SATA, IDE, SAS, SCSI or SSD hard disk drive. Will also work with any USB and FIREWIRE external drive enclosures as well as SD, MMC, MemoryStick and CompactFlash media.

An option to quickly wipe partitions and MBR data is available.

WARNING: After running this low level format tool, the whole disk surface will be erased.
Data restoration is impossible after using this utility!

Free for personal/home use (speed is capped at 180 GB per hour which is 50 MB/s)

Use this at your own RISK

This site also has got some more advanced tools like MHDD which is for querying the DISK Controller for HPA and DCO.

Hope this helps!

Thanks

Nitin Kushwaha

RHCSA.RHCE.CHFI.CEH.SCSCA.CIW-SA.MCSE.MCSA.MCP.ITIL

Categories: Basics, ComputerForensics, DigitalForensics, Ethical Hacking, Googled, Hacking, Hot and Latest, MediaAnalysis, MyOwn, Personal, Press Info, Techno, Uncategorized | Leave a comment

Microsoft Windows 8 Forensics

Hey Fellas,

Just installed Windows 8 Release Preview,

and now there are more than one location for finding the bits and pieces, or so called Artifacts of W8.

W8 features a Hybrid Boot which uses hibernation technology to allow faster startup times by saving the Windows core’s memory to the hard disk and reloading it upon boot… hmmm

will post some more findings on it.

Public release of W8 will be in Oct 26th 2012.

Thanks

Nitin Kushwaha

RHCSA.RHCE.CHFI.CEH.SCSCA.CIW-SA.MCSE.MCSA.MCP.ITIL

 

Categories: ComputerForensics, DigitalForensics, Googled, Hot and Latest, Microsoft Windows, MyOwn, Personal, Press Info, Techno, Uncategorized | Leave a comment

Social Networking & Chatting with the Unknown’s

In this video, you will see that it may happen, if your children are not being monitored for what they have been doing on the HotWire::The Internet.

This Video was found on the internet.

In a recent case, where many guys have complained, that they had chat with a nice good looking girl in Mumbai, and they even shared the contact numbers, however when they planned to meet up, they all had landed up in trouble.

Guess what ???

They went to the location where they were expecting to meet this young, hot looking girl, but were robbed and beaten up so rudely…
so Guys be careful, whom you chat whom you socialize with…
(This video shared here is not mine, and the characters shown here has got nothing to do with this.)
Internet in India is just beginning to see the CyberCrime…

Categories: Googled, Hacking, Hot and Latest, MyOwn, Personal, Press Info, Techno, Uncategorized | Leave a comment