We purchased a copy of MS Office Home & Business 2013 (from a distributor), installed it on a new PC which I built and activated Office. This all happened in June 2015. All of the sudden, the user is prompted with a window informing her that the activation has failed and is asking for a product key.
Word 2013 Activation Crack
This was an indication to MS that there were some "junk files" (their words) left behind after attempting to uninstall the office suite. The representative said that there were also some keys in the registry that were left behind for them to clean up as well. After MS cleaned up the registry and the installation directory, they proceeded with a fresh install. Once the install was complete, I was able to activate Office 2013 Home & Business - permanently.
Weirdly, I just emailed Newegg Business about Internet activation not working with 2013 H&B keys I purchased from them. I have 70 keys I've bought from them, and in the last few months the activation failure rate has gone up to 100%. The phone activation process is a pain in the butt, to say the least, but it does work (eventually).
Weirdly, I just emailed Newegg Business about Internet activation not working with 2013 H&B keys I purchased from them. I have 70 keys I've bought from them, and in the last few months the activation failure rate has gone up to 100%. The phone activation process is a pain in the butt, to say the least, but it does work (eventually).
Microsoft Office files can be password-protected in order to prevent tampering and ensure data integrity. But password-protected documents from earlier versions of Office are susceptible to having their hashes extracted with a simple program called office2john. Those extracted hashes can then be cracked using John the Ripper and Hashcat.
This tool is written in Python and can be run right from the terminal. As for Office compatibility, it's known to work on any password-protected file from Word, Excel, PowerPoint, OneNote, Project, Access, and Outlook that was created using Office 97, Office 2000, Office XP, Office 2003, Office 2007, Office 2010, and Office 2013, including the Office for Mac versions. It may not work on newer versions of Office, though, we saved a DOCX in Office 2016 that was labeled as Office 2013.
Next, we need an appropriate file to test this on. I am using a simple DOCX file named "dummy.docx" that I created and password-protected with Word 2007. Download it to follow along. The password is "password123" as you'll find out. You can also download documents made with Word 2010 and Word 2016 (that shows up as 2013) to use for more examples. Passwords for those are also "password123."
John will start cracking, and depending on the password complexity, will finish when a match is found. Press almost any key to view the current status. When the hash is cracked, a message will be displayed on-screen with the document's password: Since our password was pretty simple, it only took seconds to crack it.
When it comes to password cracking of any kind, the best defense technique is to use password best practices. This means using unique passwords that are long and not easily guessable. It helps to utilize a combination of upper and lowercase letters, numbers, and symbols, although recent research has shown that simply using long phrases with high entropy is superior. Even better are long, randomly generated passwords which makes cracking them nearly impossible.
In regards to this specific attack, using Microsoft Office 2016 or 2019 documents or newer may not be effective, since office2john is designed to work on earlier versions of Office. However, as you can see above, Office 2016 may very well spit out a 2013 document without the user even knowing, so it doesn't mean a "new" file can't be cracked. Plus, there are still plenty of older Microsoft Office documents floating around out there, and some organizations continue to use these older versions, making this attack still very feasible today.
Today, we learned that password-protected Microsoft Office files are not quite as secure as one would be led to believe. We used a tool called office2john to extract the hash of a DOCX file, and then cracked that hash using John the Ripper and Hashcat. These types of files are still commonly used today, so if you come across one that has a password on it, rest easy knowing that there is a way to crack it. 2ff7e9595c
Comments