It’s quite common to run into worksheets that have been protected, by original author, so users can not modify formulas or select ranges. But it’s also more than often that oneself is in the bind to make modifications, so a bypass is needed.
This is a popular shared code, that I’d modified a little, just to tidy and understand it a bit… and to extend functionality to the whole Workbook. It does not find original password, it just bypass the control protection using another one, 12 characters long, with the same hash as the unknown password.
First 11 characters are either [A] or [B], and the last one is the real “free” one (can be any letter/number/special character -aside system reserved chars-). Not a lot of combinations to try: (127-32)·2^11 ~ 194.560
Public Sub sWorksheet_CrackUnprotect()
Dim oWsh As Excel.Worksheet
Dim aData(0 To 1) As String * 1
Dim b1 As Byte, b2 As Byte, b3 As Byte
Dim b4 As Byte, b5 As Byte, b6 As Byte
Dim b7 As Byte, b8 As Byte, b9 As Byte
Dim b10 As Byte, b11 As Byte, b12 As Long
Dim strPassword As String
On Error Resume Next
' Try with found Password (initial password = vbNullString)
For Each oWsh In ThisWorkbook.Worksheets
With oWsh
.Activate
.Unprotect strPassword
If .ProtectContents = False Then GoTo ByPass
aData(0) = VBA.Chr(65)
aData(1) = VBA.Chr(66)
For b1 = 0 To 1: For b2 = 0 To 1: For b3 = 0 To 1
For b4 = 0 To 1: For b5 = 0 To 1: For b6 = 0 To 1
For b7 = 0 To 1: For b8 = 0 To 1: For b9 = 0 To 1
For b10 = 0 To 1: For b11 = 0 To 1: For b12 = 32 To 126
.Unprotect aData(b1) & aData(b2) & aData(b3) & _
aData(b4) & aData(b5) & aData(b6) & _
aData(b7) & aData(b8) & aData(b9) & _
aData(b10) & aData(b11) & VBA.Chr(b12)
If .ProtectContents = False Then
strPassword = aData(b1) & aData(b2) & aData(b3) & _
aData(b4) & aData(b5) & aData(b6) & _
aData(b7) & aData(b8) & aData(b9) & _
aData(b10) & aData(b11) & VBA.Chr(b12)
GoTo Iterate
End If
Next: Next: Next
Next: Next: Next
Next: Next: Next
Next: Next: Next
Bypass:
End With
Next oWsh
On Error GoTo 0
End Sub
[/sourcecode]