Bug in Outlook PST password protection

submitted by
Style Pass
2021-08-30 16:00:09

When you use MS Outlook with POP3 or IMAP accounts, all received and sent emails are saved in a Personal Folders (.pst) file. Microsoft allows the user to set a password on a .pst file in order to protect the content of the emails and prevent other users from accessing them. Although commercial software that cracks the password of pst files has existed for years, many users don't know that the password protection of pst files is very weak and can be cracked very easily, and may think that their private emails are protected from viewing by other users. In the following article, I'll give a short explanation of how the password is saved in the pst file, and I'll also demonstrate a funny bug with pst passwords.

How is the password saved in the pst file?

In fact, the password is not really saved in the pst file. Instead of saving the real password, Outlook creates a 32-bit hash value that represents the original password. The algorithm used to generate this number is just a CRC32 algorithm with a little modification. CRC32 is mostly used to verify data integrity, but for some unknown reason, Microsoft decided to use it for password protection instead of using a strong hashing algorithm, like MD5 or SHA-1. The bad thing about using a CRC32 algorithm for saving a password is that for each 32-bit number there are many matching passwords, which means that if you set a password on your pst file, you can also open it with many other passwords that match the same CRC value. For example, if you set the password '1234' on your pst file, you can also open it with the following passwords: 'yZdHpA', 'hkNkwC', 'YUWqKD', 'FkbbpH', 'WZHAwJ', and many more. Don't believe it? Just try it, and you'll find out that it's true!

The null password bug

Outlook uses the 32-bit value mentioned above to determine whether to ask the user to type a password. If this value is other than zero, the user must type a password that matches the same CRC value in order to open the pst file. If this value is equal to zero, the user is allowed to open the pst file without typing any password. But what happens if you set a password on the pst file that matches a zero CRC value? This is exactly the bug that I'm talking about! If you set a password on the pst file that matches a zero CRC value, Outlook will accept your password without complaint, but the next time you try to open the pst file, you won't need to type any password!
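
A minimal model of the null password bug described above, next to a design that avoids it. This is an added example, not Outlook's code or the article's: the CRC variant (zero initial value, no final XOR), the class names and the NUL-byte password are assumptions constructed for illustration, and the PST file format itself is not modelled.

```python
import hashlib
import hmac
import os

def crc32_raw(data: bytes) -> int:
    """Bitwise CRC-32 (poly 0xEDB88320), register starts at 0, no final XOR (assumed variant)."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0xEDB88320 if crc & 1 else 0)
    return crc

class SentinelStore:
    """Weak design: one 32-bit field is both the verifier and the 'password set?' flag."""
    def __init__(self):
        self.stored = 0  # 0 doubles as "no password"
    def set_password(self, pw: bytes) -> None:
        self.stored = crc32_raw(pw)
    def needs_password(self) -> bool:
        return self.stored != 0
    def unlock(self, pw: bytes = b"") -> bool:
        return not self.needs_password() or crc32_raw(pw) == self.stored

class ExplicitStore:
    """Hardened design: presence of a password is separate state; verifier is salted PBKDF2."""
    ITERATIONS = 200_000
    def __init__(self):
        self.salt = self.verifier = None
    def _derive(self, pw: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pw, self.salt, self.ITERATIONS)
    def set_password(self, pw: bytes) -> None:
        self.salt = os.urandom(16)
        self.verifier = self._derive(pw)
    def needs_password(self) -> bool:
        return self.verifier is not None
    def unlock(self, pw: bytes = b"") -> bool:
        return self.verifier is None or hmac.compare_digest(self._derive(pw), self.verifier)

# Constructed input: NUL bytes never change an all-zero CRC register, so the hash is 0.
ZERO_HASH_PW = b"\x00" * 4

def demo():
    weak, strong = SentinelStore(), ExplicitStore()
    weak.set_password(ZERO_HASH_PW)
    strong.set_password(ZERO_HASH_PW)
    return (weak.needs_password(), weak.unlock(b"wrong"),
            strong.needs_password(), strong.unlock(b"wrong"), strong.unlock(ZERO_HASH_PW))
```

`demo()` shows the weak store reporting no password after one was set, while the hardened store still demands the correct one.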
