简体繁体 English

如何破解dBase文件密码？

[英]How to crack a dBase file password?

原文 2011-05-18 12:54:45 7 3 c#/ security/ passwords/ dbase/ cracking

I've inherited a bunch of dBase (.dbf) files from a legacy application, and I need to import the data into MS SQL or MS Access. 我从遗留应用程序继承了一堆dBase（.dbf）文件，我需要将数据导入MS SQL或MS Access。 I know these programs have built in "import" functions, but the dBase files are protected with a password, which nobody around here seems to know. 我知道这些程序内置了“导入”功能，但dBase文件受密码保护，这里的人似乎都不知道。

Anyone know of any way around the password, or of cracking the password? 有人知道密码或破解密码吗？

(Edit: added C# tag bc that's the language I'll likely use for any programmatic solution) （编辑：添加了C＃tag bc，这是我可能用于任何程序化解决方案的语言）

Bounty awarded: I don't really have a good solution yet, but it's only 2 hours till the bounty closes, so I guess I should award it to the most useful answer thus far. 赏金奖励：我还没有一个很好的解决方案，但是只有2个小时才能获得赏金，所以我想我应该把它奖励给目前为止最有用的答案。 And in that respect, I think the $75 paid solution is probably the most time and energy efficient, even if it doesn't give me the intellectual satisfaction of cracking it myself! 在这方面，我认为75美元的付费解决方案可能是最节省时间和最节能的，即使它不能让我自己解决它的智力满足感！ :) :)

I'm going to leave the question "unanswered" for the meantime, until I see if any of the solutions actually work... 我将在此期间留下“未答复”的问题，直到我看到任何解决方案是否真的有效......

3 个解决方案

There is probably a way around the password, and there is certainly a way to brute force access if the password cannot be bypassed. 密码可能有办法，如果无法绕过密码，肯定有办法强制访问密码。 One site offers the a tip about changing certain binary data within your file using a hex editor to disable password protection: http://www.antionline.com/archive/index.php/t-218086.html . 一个站点提供了关于使用十六进制编辑器更改文件中的某些二进制数据以禁用密码保护的提示： http ： //www.antionline.com/archive/index.php/t-218086.html 。 Test that on a copy. 在副本上测试。

It is still not wholly uncommon to see instances where an application respects a security setting, but the security is not particularly relevant. 查看应用程序遵守安全设置的实例仍然并不完全不常见，但安全性并不特别相关。 Cases would include where the file has a flag designating protection, but the data is not actually encrypted. 案例将包括文件具有指定保护的标志的位置，但数据实际上未加密。 If the above doesn't solve your problem, open the file in a hex editor and see if information is recognizable in plain text. 如果上述方法无法解决您的问题，请在十六进制编辑器中打开该文件，查看信息是否可以通过纯文本识别。

If that doesn't work, I'd suggest grabbing a copy of John the Ripper and writing some bridge code to use the output of JTR's guesses as input for a dbase library's open calls. 如果这不起作用，我建议抓取一个John the Ripper并编写一些桥接代码，以使用JTR猜测的输出作为dbase库的开放调用的输入。

Just found this: http://www.pwcrack.com/dbase.shtml 刚发现这个： http ： //www.pwcrack.com/dbase.shtml

They want $75 for cracking a dBase password, website seems legitimate. 他们想要破解dBase密码75美元，网站似乎合法。

(I am not affiliated) （我不隶属）

Cain and Abel may be useful. 该隐和亚伯可能有用。 It is free. 这是免费的。