Why does the following code break the excel password protect? Every sheet I have broken with it has had a password similar to 'AAAAABABABAWA', but I doubt these are the actual passwords.
It seems we have a bunch of integers with a strange range. Any idea how it works?
Sub PasswordBreaker() 'Breaks worksheet password protection. Dim i As Integer, j As Integer, k As Integer Dim l As Integer, m As Integer, n As Integer Dim i1 As Integer, i2 As Integer, i3 As Integer Dim i4 As Integer, i5 As Integer, i6 As Integer On Error Resume Next For i = 65 To 66: For j = 65 To 66: For k = 65 To 66 For l = 65 To 66: For m = 65 To 66: For i1 = 65 To 66 For i2 = 65 To 66: For i3 = 65 To 66: For i4 = 65 To 66 For i5 = 65 To 66: For i6 = 65 To 66: For n = 32 To 126 ActiveSheet.Unprotect Chr(i) & Chr(j) & Chr(k) & _ Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & Chr(i3) & _ Chr(i4) & Chr(i5) & Chr(i6) & Chr(n) If ActiveSheet.ProtectContents = False Then MsgBox "One usable password is " & Chr(i) & Chr(j) & _ Chr(k) & Chr(l) & Chr(m) & Chr(i1) & Chr(i2) & _ Chr(i3) & Chr(i4) & Chr(i5) & Chr(i6) & Chr(n) Exit Sub End If Next: Next: Next: Next: Next: Next Next: Next: Next: Next: Next: Next End Sub
This particular password mechanism is terrible. Many different passwords will work to unlock it. The script tries a bunch starting from AAAAAAAAAAAA, and stops on the first one that works. That’s why it says “One usable password is”—there are many usable passwords.
In detail, the input password is passed through a scrambler that produces a 16-bit output, regardless of input password length. Since there are only 65,536 possible ‘scrambled’ values that are checked against, and many billions of possible input passwords, for any password that you set, there are billions of other different passwords that will work to unlock it.
Most password mechanisms are not so insecure.