On 02/27/13 10:42, Matt Hunter wrote: > Thanks for the help Alex, > Logging plain passwords was only so that I can determine what > passwords are being sent to the server. > What I really need to do is to find out what password is being > sent from a particular windows client app that my client owns as it is > the only way to get access to their data. > It is kind of a messy situation but amounts to them being locked > out of their own servers by the network admins and so can't get > backups of their database. > The network admin people recompiled the app that I wrote and > changed the password. > I just need to be able to get copies of their data. > At least the situation has finally given me an excuse to get > involved in the firebird code because there are some ideas that I want > to try out when I get up to speed. > > At the moment, I am thinking of just altering the windows client > dll to spit out the password as I assume that that is what does the > encrypting.
There are many ways to do what you want. First of all, you certainly can get passwords from fbclient - see remote/interface.cpp. Next, you may slightly change fbclient to make it convert dpb_password to dpb_password_enc not calling crypt, just changing tag. And after it use encrypted passwords from server. Or bruteforce encrypted passwords - on modern computer this would not take too long, as I've said encryption is old and poor. But get ready that in FB3 the only option will be first one. ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
