Theater security

by Volker Weber

Thorsten Delbrouck describes in this SecurityTracker post how to bypass Microsoft Office security features:

1.) Open a protected document in MS Word
2.) Save as "Web Page (*.htm; *.html)", close Word
3.) Open html-document in any Text-Editor
4.) Search "" tag, the line reads something like that: <w:UnprotectPassword>ABCDEF01</w:UnprotectPassword>
5.) keep the "password" in mind
6.) Open original document (.doc) with any hex-editor
7.) search for hex-values of the password (reverse order!)
8.) Overwrite all 4 double-bytes with 0x00, Save, Close
9.) Open document with MS Word, Select "Tools / Unprotect Document" (password is blank)

This is about the same level of security as the Notes client provides when locally enforcing the ACL. This can also be removed:

1. Open database in any hex-editor.
2. Find the range of bits between offset 0x16c and 0x1a7.This is the ACL.
3. Set any that aren't 00 to be 00.
4. Save the database.

Notes however does provide real security: Encryption.

Comments

Here's another way to get to the contents of a local database where the ACL is locally enforced:

Rename the nsf to ntf, copy it to your local data directory and use this as a template to create a new database. This will have all design elements and documents of the original db and you have manager access to it.

Indeed this doesn't enable you to edit documents in the original file but at least to see the contents of it.

Oliver Regelmann, 2004-01-04

I tried this Word thing, but didn't quite succeed...
I have a Word form from a client, which is supposed to become a project proposal. Since the form is designed for internal project proposals while I am doing an external one, I need to change some details. I already retrieved an unprotected version, but out of curiosity I wanted to check this out.
Saving the document as a web page, Word alerts me, that besides a text formating loss the form protection will be lost and I can continue or cancel. Continuing I cannot locate the mentioned tag in the resulting HTML file.
Any ideas on this?

Ragnar Schierholz, 2004-01-04

Simpler local ACL enforcement defeat strategy: change IDs. If you don't have another ID, make one. If the database has been carefully crafted to have default of no access, create an ID that matches a name or group that is in the ACL.

Alternatively, add the following line to your Notes.INI...
Disable_Local_Access_Control=1

Nathan T. Freeman, 2004-01-05

I thought the INI mod only worked in release 4.x? It's certainly never worked for me in 5, and it definitely doesn't in 6

Ben Poole, 2004-01-05

Recent comments

Volker Weber on And the best sounding earbuds are ... at 09:24
Torben Volkmann on And the best sounding earbuds are ... at 09:17
Volker Weber on Apple product launches leaked at 21:07
Matthias Lorz on Apple product launches leaked at 21:07
Matthias Lorz on Apple product launches leaked at 21:05
Ingo Seifert on Some of my playlists at 19:21
Jean Pierre Wenzel on Some of my playlists at 18:24
Oliver Schult on Neato Botvac D7 Connected :: Louie saugt at 14:31
Mathias Ziolo on And the best sounding earbuds are ... at 09:21
Volker Weber on And the best sounding earbuds are ... at 07:33
Mariano Kamp on And the best sounding earbuds are ... at 01:33
Volker Weber on The big challenge #dontbreakthechain at 19:13
Armin Auth on The big challenge #dontbreakthechain at 13:31
Thomas Nowak on The big challenge #dontbreakthechain at 12:43
Armin Auth on The big challenge #dontbreakthechain at 11:12
Thomas Nowak on The big challenge #dontbreakthechain at 08:25
Hans Giesers on The big challenge #dontbreakthechain at 23:14
Michael Sampson on The big challenge #dontbreakthechain at 03:54
Stefan Niemeier on The big challenge #dontbreakthechain at 22:29
Stefan Hempel on Poly EagleEye Cube :: Kamera mit Verfolger at 10:24
Volker Weber on Stuff that works :: Jabra Elite Active 75t at 08:16
John Keys on Stuff that works :: Jabra Elite Active 75t at 20:06
Daniel Kirstenpfad on Stuff that works :: Jabra Elite Active 75t at 19:33
Hilbert Trekel on Stuff that works :: Jabra Elite Active 75t at 18:27
Tobias Hauser on Eve Aqua :: Wenn es regnet, nicht bewässern at 15:31

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 16:19

visitors.gif

Paypal vowe