Reply to post: Not impressive but....

Sysadmin cracked military PC’s security by reading the manual

steviebuk Silver badge

Not impressive but....

...I was chuffed & know I was SUPER lucky.

Just been asked to get a password for Excel that was set to protect a sheet. Not the best of security I know but still. Normally use an article I found ages ago about the AllInternalPasswordMacro. Didn't use it this time, wanted to try something different.

I use Sysinternals software all the time. Didn't think it would help though, really need to look at memory I thought. So turned to Process Hacker. Ran Excel, got the Unprotect Sheet dialogue box up, put in anything, got the "The password you supplied is not correct" box up then looked in Process Hacker. Looked at the properties of Excel, looked at memory, then looked at Strings, did a filter for word "password" and only a few results back all related to the "The password you supplied is not correct" dialogue box. Double clicked it to show what was in memory at that moment in hex. Saw that wording and soon after saw

s.i.t.e-n.a.m.e

I wondered if this was some kind of hint prompt so put in the actual site name that the document was about. Sure enough it worked. I was in.

Nice.

I've tried to recreate it on the same document but can't. Haven't seen the s.i.t.e-n.a.m.e in the hex entries since. And playing with excel it appears when you set the password for the protection of a sheet, there is no option to give a password hint.

Got proper lucky on that one. Maybe I'll buy a lottery ticket tonight.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019