Offensive Security Tool: msoffcrypto-tool
msoffcrypto-tool
msoffcrypto-tool (formerly ms-offcrypto-tool) by nolze, is a Python tool and library for decrypting encrypted MS Office files with password, intermediate key, or private key which generated its escrow key. It supports various MS Office file formats, including Word (MS-DOCX), Excel (MS-XLSX), and PowerPoint (MS-PPTX).
Installation
pip install msoffcrypto-tool
See Also: So you want to be a hacker?
Offensive Security and Ethical Hacking Course
Examples
As CLI tool (with password)
msoffcrypto-tool encrypted.docx decrypted.docx -p Passw0rd
Password is prompted if you omit the password argument value:
$ msoffcrypto-tool encrypted.docx decrypted.docx -p
Password:
Test if the file is encrypted or not (exit code 0 or 1 is returned):
msoffcrypto-tool document.doc --test -v
As library
Password and more key types are supported with library functions.
Basic usage:
Basic usage (in-memory):
See Also: Recon Tool: Domain Analyzer
See Also: OSINT Tool: Blackbird
Advanced usage:
# Verify password before decryption (default: False)
# The ECMA-376 Agile/Standard crypto system allows one to know whether the supplied password is correct before actually decrypting the file
# Currently, the verify_password option is only meaningful for ECMA-376 Agile/Standard Encryption
file.load_key(password="Passw0rd", verify_password=True)
# Use private key
file.load_key(private_key=open("priv.pem", "rb"))
# Use intermediate key (secretKey)
file.load_key(secret_key=binascii.unhexlify("AE8C36E68B4BB9EA46E5544A5FDB6693875B2FDE1507CBC65C8BCF99E25C2562"))
# Check the HMAC of the data payload before decryption (default: False)
# Currently, the verify_integrity option is only meaningful for ECMA-376 Agile Encryption
file.decrypt(open("decrypted.docx", "wb"), verify_integrity=True)MS-OFFCRYPTO specs
- ECMA-376 (Agile Encryption/Standard Encryption)
- MS-DOCX (OOXML) (Word 2007-)
- MS-XLSX (OOXML) (Excel 2007-)
- MS-PPTX (OOXML) (PowerPoint 2007-)
- Office Binary Document RC4 CryptoAPI
- MS-DOC (Word 2002, 2003, 2004)
- MS-XLS (Excel 2002, 2003, 2007, 2010) (experimental)
- MS-PPT (PowerPoint 2002, 2003, 2004) (partial, experimental)
- Office Binary Document RC4
- MS-DOC (Word 97, 98, 2000)
- MS-XLS (Excel 97, 98, 2000) (experimental)
- ECMA-376 (Extensible Encryption)
- XOR Obfuscation
- MS-XLS (Excel 2002, 2003) (experimental)
- MS-DOC (Word 2002, 2003, 2004?)
Other
- Word 95 Encryption (Word 95 and prior)
- Excel 95 Encryption (Excel 95 and prior)
- PowerPoint 95 Encryption (PowerPoint 95 and prior)
See Also: A primer on OS Command Injection Attacks
Recent Tools
Blue Team Tool: Ghostport
Ghostport is a sophisticated port spoofing tool designed to confuse …Red Teaming Tool: avred
Avred is a tool designed for Red Teamers to identify …Recon Tool: emailFinder
emailFinder is a web scraping tool that extracts email addresses …Recon Tool: Argus
Argus is an all-in-one toolkit designed to streamline the process …
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.
