Today I received my 3th MVP award from Microsoft: MVP 2013 Consumer Security.
To celebrate this, I’ve 2 things for you:
- A 20% promo on my videos.
- A new utility: datapipe.xls. And like a real New Year present, you’ll have to open it to find out what it is 😉 More details later.
datapipe_V0_0_0_1.zip (https)
MD5: 5BF1594E8144B694431E7A7E3BDF33F7
SHA256: 57CD06EBFEC1C5C2661E44260A7304DFCDEEB2F54132E0627A474AF756AFA956
Didier Stevens 
Congratulations on the MVP!
Comment by Ken Pryor — Wednesday 2 January 2013 @ 4:11
Congratulations on another MVP!
Comment by kpryor — Wednesday 2 January 2013 @ 4:12
Congrats Didier
Comment by Daan Raman — Wednesday 2 January 2013 @ 16:46
Congratulations Didier!
Comment by azerton — Wednesday 2 January 2013 @ 16:47
Congrats Didier!
Comment by Anonymous — Friday 4 January 2013 @ 4:27
Datapipe.xls crashes Excel 2010 32-bit on my Windows 7 machine.
Comment by Jonathon — Monday 7 January 2013 @ 13:34
@Jonathon Strange, it works on mine, exactly same environment.
Do my other Excel tools behave the same?
Comment by Didier Stevens — Tuesday 8 January 2013 @ 9:15
Datapipes also crashes on Windows 2008 64 bit edition Excel 2012 64bit.
Comment by Anonymous — Wednesday 9 January 2013 @ 12:44
@Anonymous That is normal, datapipe.xls is for 32-bit Excel. But it shouldn’t be a real Excel crash, just an error message. Can you confirm?
Comment by Didier Stevens — Wednesday 9 January 2013 @ 12:47
Here’s checksums, and the error I get after Excel crashes and I open Visual Studio to debug:
Size: 243200 bytes
Modified: Monday, January 07, 2013, 8:30:51 AM
MD5: 6951392C1BBD286927A5E672E058340E
SHA1: 9F06AB035267CB4028B38D27A87238A11C797A01
CRC32: 7A99E457
Unhandled exception at 0x77e0faca in EXCEL.EXE: 0xC00000FD: Stack overflow.
Comment by Jonathon — Wednesday 9 January 2013 @ 21:48
I downloaded datapipe.xls zip file again from your https link. Every time I download and uncompress the MD5 checksum is different, and does not match the one you’ve posted.
Comment by baodad — Wednesday 9 January 2013 @ 21:50
@Jonathon Is that the checksum of datapipe.xls? The MD5 should be D161BA48FED1EFF3E20699C0EDD9F995.
Comment by Didier Stevens — Wednesday 9 January 2013 @ 22:23
@baodad I always publish hashes of the file you download, i.e. the ZIP file, and not the content. Have you checked the hash of the ZIP file?
Comment by Didier Stevens — Wednesday 9 January 2013 @ 22:24
OK, Thanks. Yes the MD5 of the ZIP file matches what you posted.
Comment by baodad — Thursday 10 January 2013 @ 20:24
Congrats Didier, its been a long time, since usb virus scan… ive been busy, now i just found out our old email conversations, and decided to say Hi… One Love
Comment by Orlando — Saturday 12 January 2013 @ 11:50
Hi Didier,
SEP notification when opening the linked zip (http://didierstevens.com/files/software/datapipe_V0_0_0_1.zip):
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Bloodhound.Macro.Prinj
Is this normal behaviour?
Styx
Comment by styx — Tuesday 22 January 2013 @ 11:08
@styx There are 2 AVs on VirusTotal that trigger: https://www.virustotal.com/file/d59e1edacd12b77949f0880eec10efb42453054082803ad219fb563aae458ad5/analysis/1358890294/
“Bloodhound.Macro.Prinj is a heuristic detection for Excel document macros attempting to inject code into other running processes.”
This is not what my datapipe.xls does. It injects code in Excel itself, no into other processes.
Comment by Didier Stevens — Tuesday 22 January 2013 @ 21:35
s/3th/3rd/g
Comment by red — Sunday 27 January 2013 @ 21:36