Hi all, new to bt and pen testing as well. I have a .xls file that is password protected to open and I can not remember my password. I am aware that there are specific programs for this available but I can not find any freeware (everything cost around 30$, which is crazy for 1 file). I have a pretty good idea what the password is so i was going to try some sort of brute force with specific characters or a decryption method. I was reading up on John the ripper and found "John the Ripper 1.7.7-jumbo-6 integrates preliminary support for several non-hashes, ......, password-protected PDF files with 40-bit and 128-bit RC4 encryption". I understand that this says pdf file but my .xls file is a 40bit rc4 encryption. Would it be possible to use JTR on this file? Should i be using a different tool? Any help would be much appreciated.