Re: MS Access 2.0

acpizer@mach.unseen.org
Fri, 26 Jun 1998 16:05:10 +0100 (BST)

• Next message: Adam Shostack: "Re: MS Access 2.0 (fwd)"
• Previous message: Robert Hettinga: "Re: Microsoft patent"
• In reply to: Wei Dai: "Re: Microsoft patent"
• Next in thread: C Matthew Curtin: "Re: MS Access 2.0"
• Reply: C Matthew Curtin: "Re: MS Access 2.0"

he's making money on your account, maybe it doesn't bother you, but it
does bother me.

 bye,
   acpizer.

On Tue, 23 Jun 1998, Adam Shostack wrote:

> Part of doing research is to ensure you're not re-inventing
> the wheel before you start doing hard work. I'm perfectly happy to
> have Mike ask questions about this stuff; the answers are often
> enlightening to the rest of us.
>
> Anyway, Access97 passwords are stored in the 13 bytes from offset
> 0x42 in a .mdb file. Do a bitwise XOR with 0x86, 0xFB, 0xEC, 0x37,
> 0x5D, 0x44, 0x9C, 0xFA, 0xC6, 0x5E, 0x28, 0xE6, 0x13 to recover the
> plaintext. I think that if the first byte is 0x86, the password is
> not checked.
>
> Adam
>
>
>
>
> acpizer@mach.unseen.org wrote:
> | You call yourself "Cryptographer / Programmer" but can't figure out how
> | access' password verification algorithm works?
> |
> | You expect everybody to help you, earn your money and do it YOURSELF.
> |
> | stop asking stupid questions and do the research on your own.
> |
> | signed,
> | acpizer.
> |
> |
> | On Fri, 19 Jun 1998 staym@accessdata.com wrote:
> |
> | > Does anyone know what algorithm MS uses to verify passwords for Access
> | > 2.0 accounts?
> | > --
> | > Mike Stay
> | > Cryptographer / Programmer
> | > AccessData Corp.
> | > mailto:staym@accessdata.com
> | >
> |
>
>
> --
> "It is seldom that liberty of any kind is lost all at once."
> -Hume
>
>
>

• Next message: Adam Shostack: "Re: MS Access 2.0 (fwd)"
• Previous message: Robert Hettinga: "Re: Microsoft patent"
• In reply to: Wei Dai: "Re: Microsoft patent"
• Next in thread: C Matthew Curtin: "Re: MS Access 2.0"
• Reply: C Matthew Curtin: "Re: MS Access 2.0"