[PLUG] Read-only .doc file?

Tim tim-pdxlug at sentinelchicken.org
Tue Sep 15 17:27:07 UTC 2009


Protecting documents against modification is kind of a joke... if you
can read the data (i.e. it's not encrypted or you know the encryption
key), you can change it.  It's just a protection mechanism only
enforcable in software you use to read it.  

In my grad school crypto class, we cracked the Excel hashes used to
enforce this exact type of protection (though I don't know if it is
the same for .doc files).  I reversed the weak hash using pen and
paper, so not only is the protection pointless since you can just
remove the hash from the file header, but you can also figure out the
password used to protect the document.

Anyway, I thought there was a way to remove this kind of modification
protection in documents through open office.  Maybe somewhere in the
security preferences or something.  The harder stuff to get around is
the read-protection encryption (though it's also somewhat weak), but
this should be easy to disable in theory and hopefully practice as
well.  If you easily remove it without knowing the hash, there should
be a number of .doc file password crackers out there you could use.

Good luck,
tim



More information about the PLUG mailing list