Solved

UTILITIES FOR CRACKING .MDB PASSWORDS

Posted on 2001-07-17
17
554 Views
Last Modified: 2013-12-05
I have an .MDB containing historical records from 1997-1998 which I need to crack, but my predessor did not give me the password and cannot be called.  Anyone know of any good utilities which might be of help here?
0
Comment
Question by:Dreaming_Eagle
  • 4
  • 3
  • 3
  • +6
17 Comments
 
LVL 2

Expert Comment

by:Gudare
Comment Utility
Considering the illegal nature of password crackers I doubt you'll be getting much assistance here, Dreaming Eagle, since I've seen most requests turned away in the past. Sorry.

-Craig
0
 
LVL 8

Expert Comment

by:DennisBorg
Comment Utility
Are you referring to a Database Password or a User Password?

Which version of Access were these MDB's created in?
0
 
LVL 6

Expert Comment

by:cjswimmer
Comment Utility
from a module in another database...run the following function:
Public Function GetMDBPassword(sDBName As String) As String
   Dim hFile As Integer
   Dim ich As Integer
   Dim stBuffer As String
   Dim rgbytRaw() As Byte
   Dim rgbytPassword() As Byte
   Dim rgbytNoPassword() As Byte
   
   rgbytNoPassword = ChrB(134) & ChrB(251) & ChrB(236) & ChrB(55) & ChrB(93) & _
                               ChrB(68) & ChrB(156) & ChrB(250) & ChrB(198) & ChrB(94) & _
                               ChrB(40) & ChrB(230) & ChrB(19) & ChrB(182) & ChrB(138) & _
                               ChrB(96) & ChrB(84) & ChrB(148) & ChrB(123) & ChrB(54)
                               
   hFile = FreeFile
   Open sDBName For Binary As #hFile
   Seek #hFile, 66 + 1
   rgbytRaw = InputB(20, #hFile)
   Close #hFile
   
   ReDim rgbytPassword(0 To 19)
   For ich = 0 To 19
       rgbytPassword(ich) = rgbytRaw(ich) Xor rgbytNoPassword(ich)
   Next ich
   stBuffer = StrConv(rgbytPassword, vbUnicode) & vbNullChar
   GetMDBPassword = Left$(stBuffer, InStr(1, stBuffer, vbNullChar, vbBinaryCompare) - 1)
End Function


I got this function from:
http://www.experts-exchange.com/jsp/qShow.jsp?qid=10544281
0
 
LVL 8

Expert Comment

by:DennisBorg
Comment Utility
Are you referring to a Database Password or a User Password?

Which version of Access were these MDB's created in?
0
 

Author Comment

by:Dreaming_Eagle
Comment Utility
CJ, your function returned two unprintable characters.  Maybe this is a '97 .mdb and the function is for the later version.

Regarding the legality, since we own the data, I rather doubt is there is any violoation in cracking it because someone did not leave the password behind.

My apologies for not stating so in the original question, but we are after an adminsitrator password, not a database password.  The database in question is looking to an .mdw file for the administrator password.  I really should have worded this question better.  
0
 
LVL 14

Expert Comment

by:mgrattan
Comment Utility
Do you have Microsoft Visual Studio?  If so, there is a source code control program (Visual Source Safe) that comes with it.  

If you use Visual Source Safe to "check in" your database and then check it back out again, the security will be stripped from it.  You'll then be able to use the Security Wizard in Access if you want to re-create the security again.

See the following article:

http://support.microsoft.com/support/kb/articles/Q162/9/33.asp?LN=EN-US&SD=gn&FR=0&qry=use%20visual%20sourcesafe%20with%20Access%20database&rnk=23&src=DHCS_MSPSS_gn_SRCH&SPR=MSALL

Basically, you just need to check the database in to Visual Source Safe, delete the local copy, then create a new database from the copy that was checked-in to VSS.

0
 
LVL 6

Expert Comment

by:PsychoDazey
Comment Utility
There are utilities for cracking into databases available.  I have seen them mentioned here in EE but have never used them myself. Try searching under the Keyword security or password.  Another place I have seen them is on http://www.downloads.com
If you dont have luck with either of those, Im sure CJswimmer can debug his code.  I work with him, he can code anything!
0
 

Author Comment

by:Dreaming_Eagle
Comment Utility
I'm pooped tonight, but I'll look into both of these new solutions tomorrow at work if I get finished loading my new bad-ass $3,000 development workstation...:)  Thanks!  I *will* get back to you.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 1

Accepted Solution

by:
frankylew earned 100 total points
Comment Utility
///////////////////////////////
Easy Tracking
///////////////////////////////

Go www.download.com
and search 'access crack'
you will find the first one is suitable for you.


Cheers
0
 
LVL 1

Expert Comment

by:viperlin
Comment Utility
i found some shareware ones about 4 months ago.  these were also older access 97 crackers.

i think i downloaded the cracker, it only showed the first 3 letters of the password so i got a crack for the cracker and then it worked like a charm.


0
 
LVL 9

Expert Comment

by:ornicar
Comment Utility
Hi!

Try Access password recovery from Elcomsoft at:

http://www.elcomsoft.com/acpr.html

There is a free trial version.
0
 
LVL 2

Expert Comment

by:Gudare
Comment Utility
And, Dreaming Eagle, once again I find my toes taste good when attempting to help someone. Good luck with your database. :) Sorry to everyone else who had helped this person.

-Craig
0
 
LVL 8

Expert Comment

by:DennisBorg
Comment Utility
>My apologies for not stating so in the original question,
>but we are after an adminsitrator password,
>not a database password.  The database in question is
>looking to an .mdw file for the administrator
>password.  I really should have worded this question
>better.

Thanks for the clarification, Eagle.

Just to reword it, so others will understand what is meant by "the administrator password": you are needing to figure out what the password is for the user named "Admin"

Since it is the password for the Admin user that you are looking for, you might try putting a different System.mdw file in it's place. That is, you can try to use a System.mdw file which does not have a password assigned to the Admin user.

The PID for the Admin user would be the same, regardless of the System.mdw being used, which is why it is suggested that permissions be removed for user Admin when you are securing a database.

-Dennis Borg
0
 

Author Comment

by:Dreaming_Eagle
Comment Utility
This demo version of this utility only shows you the first two letters of the passwords in an .MDW file, but the instant I saw the first two letters I knew which of the previous DB admin's passwords it was...

Thanks...the information in this .mdb is quite important to a lot of land owners in the SW who want to protect their water rights.
0
 
LVL 1

Expert Comment

by:frankylew
Comment Utility
//////////////////////////////
Easy Tracking
//////////////////////////////

Dreaming Eagle,

I can help you to make the demo version of be fully workable to reveal all the digits if you wish, contact me if you would like to or post another question.

Cheers.
0
 

Author Comment

by:Dreaming_Eagle
Comment Utility
Hey, thanks, Franky, but this pretty much cans this one.  We are moving the whole system in SQL Server, something which should be done in the next new months.  Truth be known, man, Access is such a quirky product I hope to have a long and productive career without ever seeing another major system which uses .mdb's on the backend, much less uses an Access front end to boot.  But I appreciate the offer and will circle back should this ever come up again.  Thanks to all of you.  I did not really have time to evaluate many of the answers.  I just grabbed the first one that worked and awarded the points.
0
 
LVL 1

Expert Comment

by:frankylew
Comment Utility
D.Eagle,

I've been using Access 2000 as my VB API backend, and recently i found it quite slow for filtering records, am considrering switching to SQL Server, you have any comments ?

Cheers.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

It took me quite some time to sort out all the different properties of combo and list boxes available from Visual Basic at run-time. Not that the documentation is lacking: the help pages are quite thorough and well written. The problem was rather wh…
Introduction When developing Access applications, often we need to know whether an object exists.  This article presents a quick and reliable routine to determine if an object exists without that object being opened. If you wanted to inspect/ite…
Familiarize people with the process of utilizing SQL Server functions from within Microsoft Access. Microsoft Access is a very powerful client/server development tool. One of the SQL Server objects that you can interact with from within Microsoft Ac…
In Microsoft Access, learn different ways of passing a string value within a string argument. Also learn what a “Type Mis-match” error is about.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now