I'm back from the Power Analyst Bootcamp in Washington DC – and of course, it was a success. 37 of the finest analysts attended the 2-day event, where we shared our passion for Excel, deli meats, and spicy tricks and tips. In the end, everyone left with a bag full of new techniques that will make them better analysts.
.
While I was gone, there seems to have been a flurry of activity and questions in reference to hacking into a protected workbook. A couple of years ago, I posted a slick technique you can use to hack into a protected 2007 worksheet. Apparently, hacking in a protected workbook is also a highly desired talent. So today, I'll walk through the steps to hack into a protected workbook.
.
Excel 2007 and 2010 files are essentially zipped packages that contain XML files. This means that if you take an xlsx file and change the extension to zip, you'll be able to see all the xml documents that make up your Excel file. Not only that – you can change the content and properties of an Excel 2007 file simply by manipulating the XML documents that make it up.
.
That's right. You can remove workbook protection simply by applying a simple edit to the xml within the Excel file.
.
When you encounter a protected workbook, it's typically locked down so that you can't change the structure of the workbook. This means you can't unhide sheets, delete tabs, add sheets, or change the workbook structure in any way.
.
So let's start hacking.
.
Step 1: Make a backup of your file in case things take a turn for the worse.
Step 2: Change the file extension to zip.
.
Step 3: Extract the contents of the zip file.
Step 4: Go to the extracted files and navigate to the xml for the target sheet (found in the 'xl\worksheets' directory)
.
Step 5: Open the target sheet's xml document using an XML editor (I use a free editor called XML Marker)
Step 6: Find the 'workbookProtection' tag and remove the entire line.
.
Step 7: Save the edited xml document and replace the old xml document found in the original zip file.
Step 8: Change the extension back to xlsx.
.
At this point, your workbook is unprotected!
.
.
A couple of notes:
1. Any password you see in the XML file is not the real password, nor will it work if you try to use it. It's worthless.
2. It seems as though this will only work on workbooks that have been protected for structure only. If the workbook has been protected for structure and 'Windows', something prevents you from even opening the Open XML package.
3. You obviously cannot do this for Excel 2003 or any kind of xls files.
4. See this link to hack into a protected worksheet.
This sounds like it could be useful for me. I work with a lot of trolls that like to protect workbooks and then hide sheets in order to hide their shoddy analysis. Now I can open those hidden tabs and see what they've done.
All the more reason not to use crappy Microsoft Office.
Other office software, such as LibreOffice, actually encrypts the data stored within its file when there's a password set.
So they completely screwed up all the automation that worked perfectly in 2003 on the grounds of "security" and caused about a billion professionals to tear their hair out but left the file structure wide open! Although to be strictly fair you can break the passwords in Office with a bent paperclip anyway so anyone with anything that needs to be kept secure shouldn't be usng it – fine for keeping your Christmas card list or recipe collection not so good for banking. My concern is that because it is so flexible and ubiquitous folk embed Office products into other systems without realising the gaping holes they are leaving in security and integrity.
You are able to do this in a protected Microsoft word by searching for "Protect" and deleting the line out of the xml file.
As for the Excel 2003 files being unable to remove the password it is possible if you save the file in a xlsx or xlsm format follow the steps you provided and then save back in xls format.
Worksheet protection is not a security feature, so you should not be surprised that's its easy to brake. its meant to be like that.
when working with the xml bit i am using an xml editor called liquid xml (http://www.liquid-technologies.com/xml-editor.aspx), better than messing around with excel!
i didnt find the WprkbookProtection key word in the xml file. where n how to get it? help.
I run office 2007 SP2 MSO and this doesn't work.
The unzipped folder contains "[6]Data Spaces" (a folder) and "EncryptedPackage" and "EncryptionInfo" (to files without extension).
Inside the folder, more files without extension.
Not working with microsoft strong encrypted protection…. when we zip it shows a damage file always… does anyone can help to find out the solutions without any software??
Exactly same problem i have faced as vijay says, when try to open the zip file it says that either file damaged or corrupted…….does anyone help to get solved this ???
Even i am facing the same issue please help me solve this :'(
i cannot open the .zip file. it says "the archive is in an unknown format or damaged". any help?
i used WinRAR and windows explorer but i cannot open
Ken: Try using winzip or the built in windows zip.
I have an excel workbook (protected). i have changed the extension to .zip and tried to extract the file. it is giving me following error.
"The following file could not be opened or it is not a valid .zip file"
Please advise.
Regards,
I wrote this excel version for fun and for free – no installation required. Just open this workbook (http://www.mann-jones.com/ExcelCracker.aspx) , click Quick Run , navigate to your sheet and voila … workbook and worksheet unprotected.
It was great… Thanks a lot for your kind advise…
it was great, thanks a lot…
Everything went great until I tried to save the xml file from inside XML Marker. I'm not authorized to save it. Where the blazes is this restriction?
Thanks a bunch for getting me this far. Good instructions, good guide, you're a good man.
How can I hack into a protected Excel in Mac?
It worked 100% the first time. Thank you very much. Jan Kruger
Have you written the Excel File Cracker yet..I continue to get the request for the open password. I have a spread sheet from a diceased coworker and no one is able to open it.
did not work for me? Do I literally delete the ENTIRE line of WorkBook protection? I did and it was still protected
Hi , ho to write excel file crack source code in C ????
when i changed the file extension to .zip and tried to extract it again, it give me an error "No archive found".
Please help.
hi mate ,
i made a file in excel 2010 and forgot the password can any one unlock the file for me, please
i can email file to you i am not computer oriented guy i will happily pay reasonable cost as well
thanks and please reply soon
fshaikh29#googlemail.com ( replace @ with #)
you can sms me on +44 7903 200 551
Works like a charm! This is very useful.
Thanks!
Hi
When I come to rename the extension, I am told the workbook is in use. It isn't but something is preventing me renaming it.
I have a 2010 excel file and have forgotten Open password. When I rename to .zip, I get error message and am not able to open folder.
Thanks for the advice bro, everything went well until i changed back the format to xlms then it told me the file format is not valid , i will appreciate the help thank you
Someone please help me – I need to open excel file – what commercial soft could I use?
This works for a file that has a password for STRUCTURE. It does not work for files that require a password to open. I notice that lots of the comments were about files requiring a password to open.
Seems doesn't work after renaming it. I've tried it and failed on it.
I have exactly the same problem as Faisal (above). When I change the extension to .zip and tried to extract the file it gives me the error:
“The following file could not be opened or it is not a valid .zip file”
How can this be solved?.
Regards,
You still won't work if you have a password to OPEN your Excel file. I had to use online service http://www.password-find.com that had an "instant crack" feature and helped me to open my document. It could unlock sheets as well if I recall right.
Very useful. tanx.
Here is a summary of features for password un-protection add-in:
Excel worksheet, chart sheet, workbook structure and shared password removal.
New working passwords (not the original ones) can be recovered.
Ultra-fast password removal, at least 25%-500% faster than most of the competitive software products.
No installation or Windows administrator rights are required, as the Add-in is written 100% in VBA (.xlam)
The add-in works in Excel 2007 and in both Excel 2010 x32 and x64 bit versions.
User friendly Excel 2007-2010 Ribbon User Interface.
http://spreadsheet1.com/s1-protection-free.html
I have an excel 07 that has password encryption on opening. Renaming to .zip and extracting didnt work, with winrar.
any suggestions, except brute force!?
Would not work for me but:
xx213 yours worked perfectly fine for me. Good Job. Thanks
This is a Fucking Shit !
This works. Do you know how to unlock the macros/VBA section? I still get a request for a password when I try to edit an existing macro.
The only way to remove password protection from Excel 2007-2010 I found is the on-line tool Password-Find (http://www.password-find.com) All other software and services I googled out suggested brute-force attach which might take long years since my password was complex enough. Fortunately, the service I mentioned above instantly removed the password, so I could open my spreadsheet.
is there any to retrieve the password ??? please reply in mail .. and thanks for the share .. its help me a lot .. i also need to one thing . if put the sheet protection tag again in place after doing some changes where it was should the password remains same ?? the owner of the file should aware of that ???
Hi all
how to write c source code cracking MS excel 2007 ??? help me???
Xx213… Worked for me. Many thanks. Have been looking for something as simple and effective as this for ages. Very happy… Thanks again x
Hello,
I tried your hack on an XLSX file. The data would not extract when I tried to extract the .zip format. (Message: No Files to Extract) When I double clicked the file I got a message (The compressed (zipped) folder is invalid or corrupt).
I work for The Ventura County Health care Agency in their IT department.
Any suggestions? Please email me directly with any responce.
Thanks,
Saul