 

              GuaWorD (Guaranteed Word Decryptor)
        MS Word 97/2000 .doc encrypted files decryptor

                            v. 1.5

       (c) Copyright PSW-soft 2000-2005 by P. Semjanov


1. Objectives and characteristics.
2. Working with the program.
  2.1. Running FREE, DEMO and 1-client GuaWord versions.
  2.2. Running 5-, 10-clients and unlimited GuaWord versions.
3. Ordering and contact information.
4. FAQ.
5. Special thanks.


THIS PROGRAM  IS DISTRIBUTED  "AS IS".  USE IT  AT YOUR OWN RISK.
GuaWord comes with ABSOLUTELY  NO WARRANTY. The AUTHOR  also DOES
NOT GUARANTEE releasing any future VERSIONS of the program.

This  program has two versions:

  1) FREEWARE (with some limitations), which can be distributed
freely under the following conditions: the program code must not
be changed and must be distributed in its original form. Any
commercial use of this version is prohibited. Support for this
version is not guaranteed either.

  2) COMMERCIAL (fully functional), which can't be distributed in
any form without the explicit written permission of the author.

There are also several modifications of the commercial version.


1. Objectives and characteristics.

The program GuaWord decrypts MS Word 97/2000 (v. 8.0 and 9.0)
and Word XP (default 40-bit encryption mode only) files that are
encrypted with a password for opening (do not use it to find
passwords for workbook, individual sheets, read-only and other
passwords). It is not a PASSWORD recovery program, however: the
decryption of any file is GUARANTEED regardless of the password
used. The program has been tested on Word 97/2000/XP files only.
(If you're using Word 6.0/7.0, there are a lot of decryption
utilities. Moreover, the French version of MS Word allows much
faster decryption, and you don't need this program in that case.)

It is well known that Word, starting from v. 8.0, uses RC4 stream
encryption, which is cryptographically strong. (Un)fortunately,
because of U.S. crypto export regulations, the key length is only
40 bits. Not long ago it was impossible for individuals to test
all keys, but nowadays the power of a modern PC is sufficient for
that procedure.

To crack ANY Word 97/2000 password you need to test 2^40 keys (no
matter how long the password is or what charset and national
symbols it uses). This is implemented in this program; at a speed
of about 750000 keys/s on a Pentium 4/1600 you will need less
than 14 days to finish it. (Of course, on average it takes only
half of this time.) The faster your computer, the earlier the
password is found.

To speed up cracking, a simple distributed computing mechanism is
included in the GuaWord program (*).

(*) - available in network (n-clients) versions

The whole keyspace is divided into 16384 (0-16383) "megakeys"
(they are simply called "keys" below), and each of them can be
tested in parallel on a separate computer. Testing one key takes
about 5 minutes on a Pentium II/333. So, if you've got a thousand
computers in your LAN, you could find the right key in a few
minutes.

From version 1.1, GuaWord also supports file-independent (super)
keys (**). They are tested 2 times slower, but if you find such a
key for one file, any other file with the same password can be
decrypted instantly.

(**) - available in unlimited version only


2. Working with the program.

There are local and network GuaWord versions. Please read the
appropriate section.
You can run the GuaWord program under Win32 (Windows 95/98/Me,
Windows NT/2000/XP) and Linux.


2.1. Running FREE, DEMO and 1-client GuaWord versions

These versions can be used to decrypt files on ONE computer only.
Go to section 2.1.3 to see the most common examples of using
GuaWord on one computer.

2.1.1. For key searching, use the following command line:

   GUAWORD [options] <doc_file> [<start_key> [<end_key>]],
where:

<doc_file> is a Word 97/2000 file with a password (for opening).
Long file names are supported only under Windows 95/98, not under
MS-DOS or Windows NT/2000.

Parameters in [] brackets are optional:
   <start_key> is the key to start from (0-16383), default = 0  (*);
   <end_key> is the last key to test (0-16383), default = 16383 (*).

Options are:
   /pXYZ     uses crypto functions #X,Y,Z
   /r        restarts cracking after any accident;  (*)
   /s        searches for file-independent key      (**)

(*) - not available in free versions
(**) - available in free version only

The /r option may be useful if an accident has occurred, such as
a power failure or a decryption that failed for some reason. This
option sets the number of running clients to zero and converts
all interrupted keys (see below) to "not tested" ones. Of course,
it doesn't change any other keys; keys that are already tested
are never tested again.

The /s option, available only in the most powerful unlimited
version, is useful if you've got a lot of files and know they are
encrypted with the same password. When you find the key (using
this option) for one file, all the remaining files can be
decrypted with the found key instantly (see 2.2.2). NOTE:
searching for such a key is 2 times slower, so it makes sense for
3 or more files with the same password.

The /pXYZ option may be used if the automatic procedure for
choosing the best code for your processor gets it wrong. In this
case you can manually set which crypto functions should be used.
Some information about the available crypto functions can be
obtained with the /t option.


During the search, a file with the .key extension is created in
the current directory at the first run of the GuaWord program. Do
not delete or modify this file unless you are sure that this is
the right thing to do.

When the right key is found, the .doc file will be decrypted.
Because the .doc file format is complex and undocumented, the
decryption procedure may fail (and the file will be corrupted);
therefore making a backup copy of your file is ABSOLUTELY
NECESSARY.

Normally there should be no interrupted keys in the .key file,
but they can appear if the computer accidentally powers off or if
you interrupt the program while running on Windows NT. To resolve
the problem with the interrupted keys, look at the messages when
GuaWord finishes. If it says "ATTENTION: There are some possibly
interrupted keys", rerun it with the /r option and the same
keyspace. The program will retest all interrupted keys.


2.1.2. To decrypt a Word file with a known password/key, use:

   GUAWORD /p <known_password> <doc_file>
where:

<doc_file> is a Word 97/2000 file with a password (for opening).
<known_password> is the password for this file.

   Decrypting with a known password may be useful if, for example,
you wish to recover a broken file. Most Office recovery software
doesn't support encrypted files. This GuaWord feature gives you a
chance to recover such a file.

   If you have found the key but didn't decrypt the file at once,
use later:

   GUAWORD <doc_file> <known_key>
where:

<known_key> is the found 10-digit hex key (for example,
123456789A).


2.1.3. Useful examples on running GuaWord on one computer:

   Although the  sections above  may be  considered too  complex,
normally running GuaWord is very simple:

1) To crack the TEST.DOC file, use:
   GUAWORD TEST.DOC

It will test all possible keys and decrypt the file when the key
is found. Note again that it may take a long time on one computer
(the program prints exactly how long).

The program can be interrupted by pressing Ctrl-C once and
continued by running it with the same options (no need to change
the keyspace range - it will be picked up automatically).

2) If an accident has occurred (such as a power failure, a failed
decryption etc.), you can continue from the last untested key by
using:

   GUAWORD /r TEST.DOC

3) To decrypt file TEST.DOC with password PASS, use:
   GUAWORD /p PASS TEST.DOC


2.2. Running 5-, 10-clients and unlimited GuaWord versions

To use the power of several computers, GuaWord provides a
distributed computing mechanism: a shared file (with the .key
extension) is created in the current directory at the first
program run. Thus, you need WRITE PERMISSION to the current
(shared) directory. (You also need write permission to the
temporary directory.) Do not delete or modify this file unless
you are sure that this is the right thing to do.

You can interrupt and rerun any client at any time. Don't worry
if some client is accidentally interrupted by a power-off - the
worst thing that can happen is that you'll need to restart some
(or all) clients. There is no situation in which information
about already tested keys is lost (that's why you shouldn't
modify the .key file).

Normally there should be no interrupted keys in the .key file,
but they can appear if a computer accidentally powers off or if
you interrupt the program while running on Windows NT. To resolve
the problem with the interrupted keys, look at the messages of
the LAST client to finish. If it says "ATTENTION: There are some
possibly interrupted keys", rerun this client with the /r option
and the same keyspace. The program will retest all interrupted
keys.

Please note that since GuaWord version 1.2 the first running
client may be considered the "server". The decryption takes place
on this client only. This is convenient: there is no need to
watch all clients. Therefore, the first client should always be
running (see FAQ for details).


2.2.1. For key searching, use the following command line:

   GUAWORD [options] <doc_file> [<start_key> [<end_key>]],
where:

<doc_file> is a Word 97/2000 file with a password (for opening).
Long file names are supported only under Windows 95/98, not under
MS-DOS or Windows NT/2000.

Parameters in [] brackets are optional:
   <start_key> is the key to start from (0-16383), default = 0;
   <end_key> is the last key to test (0-16383), default = 16383.

If you reduce the keyspace using these parameters, the number of
available clients is reduced in proportion.

When the right key is found, the .doc file will be decrypted.
Because the .doc file format is complex and undocumented, the
decryption procedure may fail (and the file will be corrupted);
therefore making a backup copy of your file is ABSOLUTELY
NECESSARY.

Options available on any clients are:
   /pXYZ     uses crypto functions #X,Y,Z
   /s        searches for file-independent key      (**)

(**) - available in unlimited version only

See the option descriptions above. It is not possible to run some
clients with the /s option and others without it.

Options available on the first client only:

   /r        restarts cracking after any accident;
   /1        forces first client mode

The /r option may be useful if an accident has occurred, such as
a power failure or a decryption that failed for some reason. This
option sets the number of running clients to zero and converts
all interrupted keys in the .key file to "not tested" ones. Of
course, it doesn't change any other keys; keys that are already
tested are never tested again. NOTE: Use the /r option when no
clients are running.

The /1 option should be used to start the first client again
after an interruption. There is no need to interrupt the other
clients when starting the first one.

2.2.2. To decrypt a Word file with a known key or password, use:

   GUAWORD /p <known_password> <doc_file>  or
   GUAWORD [/s] <doc_file> <known_key>
where:

<doc_file> is a Word 97/2000 file with a password (for opening).
<known_password> is the password for this file.
<known_key> is a 10-digit hex number (for example, 123456789A).
The /s option indicates that <known_key> is a file-independent
key (see above) (**)

(**) - available in unlimited version only

   Decrypting with a known password may be useful if, for example,
you wish to recover a broken file. Most Office recovery software
doesn't support encrypted files. This GuaWord feature gives you a
chance to recover such a file.

2.2.3. Useful examples on running GuaWord on the network:

1) To crack the TEST.DOC file on several computers on the LAN,
copy the GuaWord program and the TEST.DOC file to the shared
directory (don't forget to run SHARE.EXE under MS DOS) and use
the simple command line:

   GUAWORD TEST.DOC

The first started client is special and will actually do the
decryption. Any client can be interrupted by pressing Ctrl-C once
and continued by running it with the same options (no need to
change the keyspace range - it will be picked up automatically).
After interrupting the first client, continue it with the special
/1 option, like:

   GUAWORD /1 TEST.DOC

2) To crack TEST.DOC on two separate LANs or on two separate
computers (e.g. at home and at work), use:

   GUAWORD TEST.DOC 0 8191   - on first LAN
   GUAWORD TEST.DOC 8192     - on second LAN

   Use similar command lines on several LANs. Note that the
number of available clients will be reduced on every LAN.

3) To search for a file-independent key, run every client with
the /s option (**):

   GUAWORD /s TEST.DOC

(**) unlimited version only

   When the key for this file is found, all files with the same
password can be decrypted instantly (see example 5). NOTE:
searching for such a key is 2 times slower.

4) If an accident has occurred (such as a power failure or a
decryption that failed for some reason), you can continue from
the last untested key by running on the FIRST client:

   GUAWORD /r TEST.DOC

No other clients should be running at this time; start them in
the normal way.

5) To decrypt TEST.DOC using the key 'A0 B1 C2 D3 E4':

   GUAWORD TEST.DOC A0B1C2D3E4

if the key is file-dependent (valid for this file only) or

   GUAWORD /s TEST.DOC A0B1C2D3E4

if the key is file-independent.

6) To decrypt file TEST.DOC with password PASS, use:
   GUAWORD /p PASS TEST.DOC


3. Ordering and contact information.

Program support URL is
    http://www.password-crackers.com/crack/guaword.html

Here you will find the link to the ordering page. There are four
commercial versions:
     1 client version         - $29;  (for individual users)
     5 clients (max) version  - $59;
    10 clients (max) version  - $99;  (to use on networks)
    unlimited version         - $450.

You can also contact the author:
    e-mail: pavel@semjanov.com

A lot of great password crackers are at
    http://www.password-crackers.com

Although I already mentioned that I will not accept any claims,
I shall be grateful to hear about obvious errors, such as:

- the program hangs at brute force;
- the program does not find the key of a given file although all
keys were tested.

I appreciate any constructive ideas for improving this program.


4. FAQ.

4.1. Questions about all GuaWord versions

4.1.1. How to interrupt and continue searching?

The program can be interrupted by pressing Ctrl-Break once and
continued by running it with the same options (no need to change
the keyspace range - it will be picked up automatically).

(*) Continuing is impossible in the freeware version; it will
start from key 0.

See also Q. 4.3.1.

4.1.2. What do the values in .key file mean?

The first 16 bytes are special. The byte at offset n holds the
state of key (n-16) and can have one of 3 values: 0 - the key is
not tested yet, 1 - the key was tested and is not right, 2 - the
key is being tested now (or may be an interrupted key).

So if, after the test of a given keyspace is completed, there are
still some values (in this keyspace) that are not equal to 1,
there must be a bug in the program. Keys that have not been
tested can be tested by simply running the program on this
keyspace again with the /r option.
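
The layout described above can be checked with a small read-only
script. This is an added example, not part of GuaWord or of the
original readme; the function names, the file name TEST.key and
the assumption that the file holds 16 header bytes followed by one
state byte per key (16384 in total) are illustrative. The header
bytes are skipped and never interpreted.

```python
"""Added example: read-only status report for a GuaWord .key file."""
from collections import Counter

HEADER_LEN = 16      # the "special" first 16 bytes; skipped, never interpreted
NUM_KEYS = 16384     # megakeys 0-16383
STATE_NAMES = {0: "not tested", 1: "tested, not right", 2: "testing/interrupted"}


def parse_key_states(blob, start_key=0, end_key=NUM_KEYS - 1):
    """Return {key: state byte} for start_key..end_key (inclusive)."""
    if not 0 <= start_key <= end_key < NUM_KEYS:
        raise ValueError("keyspace must lie within 0-16383")
    needed = HEADER_LEN + end_key + 1
    if len(blob) < needed:
        raise ValueError(f"file too short: {len(blob)} bytes, need {needed}")
    # The byte at offset n holds the state of key n-16.
    return {k: blob[HEADER_LEN + k] for k in range(start_key, end_key + 1)}


def summarize(states):
    """Count keys per state; values other than 0/1/2 are reported as unknown."""
    return dict(Counter(STATE_NAMES.get(s, f"unknown ({s})")
                        for s in states.values()))


def key_ranges(states, wanted):
    """Collapse the keys in state `wanted` into inclusive (first, last) runs."""
    runs = []
    for k in sorted(states):
        if states[k] != wanted:
            continue
        if runs and runs[-1][1] == k - 1:
            runs[-1] = (runs[-1][0], k)
        else:
            runs.append((k, k))
    return runs


def rerun_with_r_needed(states):
    """After a finished pass, any state other than 1 means the keyspace
    should be run again with /r (the rule given in 4.1.2)."""
    return any(s != 1 for s in states.values())


def build_sample():
    """Constructed sample, not a real .key file: keys 0-99 tested,
    100-102 and 200 left in state 2, everything else untested."""
    body = bytearray(NUM_KEYS)
    body[0:100] = b"\x01" * 100
    body[100:103] = b"\x02" * 3
    body[200] = 2
    return bytes(HEADER_LEN) + bytes(body)


if __name__ == "__main__":
    # With a real file: blob = open("TEST.key", "rb").read()  (name assumed)
    states = parse_key_states(build_sample(), 0, 255)
    print(summarize(states))
    print("interrupted:", key_ranges(states, 2))
    print("untested:   ", key_ranges(states, 0))
    print("rerun with /r:", rerun_with_r_needed(states))
```

The script only reads the file, so it does not conflict with the
advice not to modify the .key file.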

4.1.3. I've got a Pentium 4/3000 computer, but the key testing
time is extremely long.

Make sure that other CPU-hungry programs (including
3D screensavers) are not running simultaneously.

4.1.3a. Testing one key takes 2 times longer under Windows NT
than under MS-DOS or Windows 95.

Give 100% CPU time to the program. The easiest way to do it is to
click on a blank space on the taskbar and then click on the
program window.

4.1.4. How can I test if your program is working?

Run GuaWord on the test.doc file in the archive (the password for
this file is 'nyxo'). As the password is known, the DEMO version
starts from the right key at once (with the commercial version,
start from key 15806). To test the /s option, use the following
command line:

   GUAWORD /s TEST.DOC 1675

You may also create your own file with 'nyxo' password and repeat
the same procedure.

4.1.5. I've got a message "XXXXX is not Word 97/2000 file".   How
to crack it?

Maybe the program is right?

4.1.6. The full keyspace has been tested, no key found.

Please check for interrupted keys in the .key file (see Q. 4.1.2)
or simply run the program again with the /r option. If it still
fails, it's a bug.

4.1.7. Your program found a key, successfully decrypted a file
and Word still cannot open it...

First, don't despair. The found key is correct and your file can
be decrypted. Another method exists to read your document (only
if you made a backup copy of your file). If you are a legal
customer of the commercial version of the program, just contact
me. I DON'T SUPPORT THE FREEWARE PROGRAM, but it's not too late
to become a legal customer.

4.1.7a. Your program found a key, successfully decrypted a file
and Word still asks for a password...

Yes, there are a few strange (corrupted?) files. First, they open
fine (after decryption) in WordPad. If you need to open these
files in Word, just send them to me.

4.1.8. Is it possible to speed up your program?

On Pentium Pro architecture processors (including Celeron, PII,
PIII) it is not possible. On Pentium 4 (and similar)
architectures it may be possible to improve speed by using SSE
instructions more intensively. Although I currently have no plans
to optimize this software for other architectures (IA-64 etc.),
please contact me if you are interested.

4.1.9. I'm using UNIX, OS/2, BeOS etc. Will such a version be
available?

Possibly. (A Linux i386 version is already available.) Regarding
other OSes and platforms, bear in mind that GuaExcel is optimized
exclusively for the Pentium II/4/AMD architecture, and please
read the previous question.

4.1.10. I'm sure all of my files are encrypted with the same
password. Can I decrypt the files without searching for the key
for each of them?

YES! Files with the same password DON'T have the same key,
because it depends on the file ID etc. But the unlimited version
has a /s option for searching for a file-independent key.

4.1.11. How to run GuaWord at low priority?

RTFM. Under Windows NT/2000/XP use
	start /low guaword <parameters>

4.1.12. How to run GuaExcel on a dual-processor computer?

Just start two copies of the program with the same options.

4.1.12a. Should I start 2 copies of GuaExcel on my HyperThreading
processor?

Curiously enough, on some modern Pentium 4 Prescott processors it
may help; on other (older) P4s it makes no sense. You can
experiment yourself.

4.1.13. How to decrypt a file without the prompt and shut down
the computer?

You need to use a simple .bat file, like:
	echo y|guaword your_file.doc
	pshutdown -k
where pshutdown is a utility from the www.sysinternals.com site.


4.2. Questions about freeware and demo versions.

4.2.1. What are the differences between the freeware and
commercial versions?

Freeware version 0.9 is no longer supported. Many improvements
and bug fixes have been made in the newest version, such as:

a) Distributed mechanism
b) Starting and ending key arguments
c) File-independent key searching

See changes.txt for more details.

4.2.2. What are the differences between the demo and commercial
versions?

The demo version demonstrates some of the commercial version's
features, including testing for a file-independent key. It should
be used to check whether your file is parsed correctly and to
estimate the time needed to decrypt the file on your computer. If
you get a message like "Your file is parsed and can be cracked",
the commercial version will work fine with this file. To test the
decryption procedure, just save any Word file with the 'nyxo'
password and run the demo version on it.

4.2.3a. The freeware version found the key, but couldn't
(correctly) decrypt the file. Is there a way to avoid searching
for the key again?

4.2.3b. The freeware version had tested some (a lot of) keys when
I decided to buy the commercial version. Is there a way to avoid
testing them again?

Sure, just run the commercial version with the appropriate
<start_key> parameter.


4.3. Questions about network versions.

4.3.1. The program displays "no more clients (N) allowed in this
keyspace", although fewer than N clients are running.

You interrupted some clients incorrectly. Stop the others and use
the /r option.

4.3.2. My file is confidential and I don't want to leave it in
the shared directory. What to do?

You can remove your file after seeing the message "Client XX
ready" and copy it back when the prompt for decryption appears.

4.3.3. The key was found on one of the clients while the first
client was stopped. How to decrypt the file in this situation?

Just start the first client with the /1 option.


4.4. Error messages.

a) "Permission denied"

Check that your file is neither Read-Only nor in use by another
program. Also check that you have write permission to the current
directory.

b) "There are running clients with different options"

You have run previous clients with the /s option and the current
one without it, or vice versa.

5. Special thanks.

  To Eric Young for his great SSLeay library.
  To Caolan McNamara for his no less great wv library.
  To Arturo Tena for yet another great cole library.
  To Phil Frisbie, Jr. for the CPU identification function.
  To Alexander Perematko for correcting this doc.
  To Dmitry Sushkov for his optimization idea.

Good luck!

Pavel Semjanov, St.-Petersburg.

