Stop Using MS Word/Excel "Restrict Editing" Option

Clarification: These methods only work for documents that are "restricted for editing". It does not work for files that are "password encrypted".

Microsoft Word stores passwords hashes and salts inside the document.

Method 1:

  • Rename filename.docx file extension to filename.zip
  • Open resulting zip file in 7zip.
  • Navigate to word folder inside the zip file.
  • Open settings.xml file in your favorite text editor.
    (Do not use Word. Use Notepad ++, SublimeText, Atom, or Visual Studio code. Windows Notepad may also work.)
  • Find <w:documentProtection element and remove all of it (including < and />)
  • Save settings.xml and close.
  • If prompted, update the zip archive.
  • Rename the zip file back to .docx
  • tada!

Method 2:

  • Open protected document and Save As filename.rtf
  • Open .rtf file in your favorite text editor.
    (Do not use Word. Use Notepad ++, SublimeText, Atom, or Visual Studio code. Windows Notepad may also work.)
  • Search for word passwordhash
    It looks like this {\*\passwordhash XXXXXXXXXXXXX} where X donates letters in a hash.
  • Remove the hash but keep rest of the text including curly brackets.
  • Save file with a new name (as .rtf) and exit.
  • Open .rtf file in Word, disable protection, and save as .docx
  • tada!

Both methods are already well known in hacker circles.

Show Comments

The author would love to hear your comments. Let us discuss at Twitter @hashtaginfosec.