You're assuming that the password is stored in either an unencrypted form

Definitely no. If you are a MySQL developer that knows what function does the checking and returns .T. if we have a valid pwd, then you can easily modify the routine to return *always* .T.
Is it difficult?

-Vassilis




----- Original Message -----
From: "Ed Leafe" <[EMAIL PROTECTED]>
To: "ProFox Email List" <[email protected]>
Sent: Tuesday, September 05, 2006 4:09 PM
Subject: Re: [NF] Open Source Rookie + Database Servers


On Sep 5, 2006, at 8:59 AM, Vassilis Aggelakos wrote:

Ok, that's clear, but if I, as a developer of MySQL for example, know that root's SuperDifficultAndEncrypted password is stored at the registry under HKLM\MySQL\PWD\etc. or at various registry keys or at the 154th byte of the sample.bin file or that it is stored at the 54th sector of the primary disk, I can easily gain access to the system. The root's password is stored, encrypted, somewhere in my PC; if I know the place I can replace it with my encrypted form of a known password, or even worse, if I can modify the checking routines it is really easy to do the job.

Am I missing something obvious?

Yes. You're assuming that the password is stored in either an unencrypted form, or in a reversibly-encrypted form. Most serious tools use one-way encryption, meaning that there is no way to determine the original value from the stored value. Password matching is done by applying the same one-way algorithm to the submitted password, and if the result is the same as the stored encrypted value, it's a match.

Obviously, this is still prone to dictionary attacks if you use weak passwords, but they are not discoverable otherwise.

-- Ed Leafe
-- http://leafe.com
-- http://dabodev.com
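
The one-way matching described in the quoted message, as an added example that is not part of the original thread. It assumes salted PBKDF2-HMAC-SHA256 as the one-way function (the thread names no algorithm); the function names, work factor, wordlist and passwords are constructed for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this sketch


def hash_password(password, salt=None):
    """Return (salt, digest). Only these two values are stored, never the password."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per account
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS
    )
    return salt, digest


def verify_password(candidate, salt, stored_digest):
    """Apply the same one-way function to the submitted password and compare."""
    _, digest = hash_password(candidate, salt)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(digest, stored_digest)


def audit_against_wordlist(salt, stored_digest, wordlist):
    """Password-audit check: return the wordlist entry that matches, or None."""
    for word in wordlist:
        if verify_password(word, salt, stored_digest):
            return word
    return None


# Constructed sample data: a common-password list and two stored records.
WORDLIST = ["password", "letmein", "qwerty", "123456"]
weak_record = hash_password("letmein")
strong_record = hash_password("T7#vq-long-random-Zp41!x")

if __name__ == "__main__":
    print("correct password accepted:", verify_password("letmein", *weak_record))
    print("wrong password accepted:  ", verify_password("letmeim", *weak_record))
    print("weak record, audit hit:   ", audit_against_wordlist(*weak_record, WORDLIST))
    print("strong record, audit hit: ", audit_against_wordlist(*strong_record, WORDLIST))
```

The stored digest protects the password's value only; it does not address the other point raised in the thread, that someone with write access to the stored value or to the checking routine can replace either one.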




