Hello, I have several password-protected MS Access databases, and *none* of them has it's password stored as plain text... Your exploit never worked! Best wishes, ----------------------------------------------------------------------------- Ricardo Peres E-mail: rjperesat_private ICQ UIN: 708926 TM: 0931 9459192 Departamento de Engenharia Informática Universidade de Coimbra PORTUGAL ----------------------------------------------------------------------------- On Thu, 4 Feb 1999, Donald Moore (MindRape) wrote: > ====================================================================== > Title: Microsoft Access 97 Stores Database Password as Plaintext > Date: 02/03/99 > Author: Donald Moore (MindRape) > E-mail: damagedat_private > ====================================================================== > > Microsoft Access 97 databases protected with a password are stored in > foreign mdb's table attachements as plaintext. This can be accessed very > easily by issuing a strings and grep operation on the foreign mdb. > > Example: > % strings db1.mdb | grep -i "pwd" > > MS Access;PWD=plaintext;Table2pppppppjI'% > MS Access;PWD=plaintext;Table1qqqqqqqkJ(& > > ====================================================================== > Impact of Exploit > ====================================================================== > > Having the password allows the secured mdb to be unlocked, giving permission > to view database objects, possibily revealing other database connection > strings, propiertary source code, tampering of data. One such commercial > database marketed by FMS, Inc., Total VB SourceBook 6.0, can be easily > compromised using this method. > > > ====================================================================== > How to Recreate > ====================================================================== > > 1. Create an mdb > 2. Create a Table > 3. Reopen the new mdb in exclusive mode > 4. From the Tools Menu, select Security and then click Set Database > Password > 5. Set database password > 6. Exit Access > 7. Create another mdb > 8. From the File Menu, select Get External Data, and click Link Tables.... > Select > the passworded mdb and then select the table you created. > 9. Exit Access > 10. Perform a strings+grep on the 2nd mdb to reveal the password. > > > - - - ------------------------------------------------- - -- --- > ______ ______ . > .:_\___ \\_ . \_::. > Donald Moore (MindRape) . .::./ ./ // ./__/.:::. . > _<_____/<____ >_:. > Email: mindrapeat_private . \/ . > damagedat_private Damaged Cybernetics > - - - ------------------------------------------------- - -- --- >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:32:35 PDT