home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Hacks & Cracks
/
Hacks_and_Cracks.iso
/
hackersclub
/
km
/
library
/
hack
/
msmoney.txt
< prev
next >
Wrap
Text File
|
1998-03-25
|
2KB
|
34 lines
MS Money 2.0 Back Door
While most password protection schemes AccessData encounters require a great deal of complex
analysis to break, some password schemes are easily broken with nothing more than a pencil, paper,
a good hex editor, and a little bit of creativity. MS Money 2.0 is an example of the latter type.
To recover an MS Money 2.0 password open the data file (the file with the MNY extension) with a
disk editor like Norton Utilities DiskEdit. Move to offset position 444. This value is the number of
characters in the password. Starting with offset 445 is the hash of the password. The generation of
the hash value is very simple. The password simply XORed with a portion of the string "Microsoft
Barney". The result is then padded with hex 0xFF to make 16 bytes and stored at offset 445. To
recover the original password simply re-XOR the hash value with the string "Microsoft Barney" for
a second time and the password simply falls out.
As an example: this is the hex values starting at offset 444 of an MSMONEY.MNY file locked with
the password "ALEXANDER". Note that the HEX value at offset equals the number of characters
in "ALEXANDER."
09 0C 25 26 2A 2E 3D 2B 23 26 00
If we start with offset 445 and XOR this string with the Hex representation of the string "Microsoft
Barney" we get a result as following:
0C 25 26 2A 2E 3D 2B 23 26
^ 4D 69 63 72 6F 73 6F 66 74
41 4C 45 58 41 4E 44 45 52
The resulting string is the Hex representation of the password "ALEXANDER." .
This back door is provided as a courtesy of AccessData Corporation. If you have interest in
password recovery for any other applications please feel free to give us a call or e-mail us. Our
phone numbers are 800-489-5199 or 801-224-6970. E-mail amber@accessdata.com.
