MS Money 2.0 Back Door While most password protection schemes AccessData encounters require a great deal of complex analysis to break, some password schemes are easily broken with nothing more than a pencil, paper, a good hex editor, and a little bit of creativity. MS Money 2.0 is an example of the latter type. To recover an MS Money 2.0 password open the data file (the file with the MNY extension) with a disk editor like Norton Utilities DiskEdit. Move to offset position 444. This value is the number of characters in the password. Starting with offset 445 is the hash of the password. The generation of the hash value is very simple. The password simply XORed with a portion of the string "Microsoft Barney". The result is then padded with hex 0xFF to make 16 bytes and stored at offset 445. To recover the original password simply re-XOR the hash value with the string "Microsoft Barney" for a second time and the password simply falls out. As an example: this is the hex values starting at offset 444 of an MSMONEY.MNY file locked with the password "ALEXANDER". Note that the HEX value at offset equals the number of characters in "ALEXANDER." 09 0C 25 26 2A 2E 3D 2B 23 26 00 If we start with offset 445 and XOR this string with the Hex representation of the string "Microsoft Barney" we get a result as following: 0C 25 26 2A 2E 3D 2B 23 26 ^ 4D 69 63 72 6F 73 6F 66 74 41 4C 45 58 41 4E 44 45 52 The resulting string is the Hex representation of the password "ALEXANDER." . This back door is provided as a courtesy of AccessData Corporation. If you have interest in password recovery for any other applications please feel free to give us a call or e-mail us. Our phone numbers are 800-489-5199 or 801-224-6970. E-mail amber@accessdata.com.
This page was created Wed Aug 11 12:45:40 EDT 1999
Using Linux
version 2.0.32
on an i586
Main Page @ Matarese.com
Acquiring Account Information @ Matarese.com
Act2! by Symantec @ Matarese.com
All hacks / Annoyance @ Matarese.com
Alt 2600 Group FAQ @ Matarese.com
Hacking Angelfire @ Matarese.com
Anonymous E-Mail @ Matarese.com
Hacking BBS's @ Matarese.com
List of Common Bugs @ Matarese.com
Things that go Bump on the Internet @ Matarese.com
Expanding the capacity of Caller ID Boxes @ Matarese.com
The Matarese Circle @ Matarese.com
Cops and Robbers | UNIX Security @ Matarese.com
Credit Carding Part I @ Matarese.com
Exploits FAQ @ Matarese.com
Making Free Calls @ Matarese.com
FTP Bouncing @ Matarese.com
Hackers Encyclopedia @ Matarese.com
Hacking from Windows9x FTP @ Matarese.com
Hacking Tripod @ Matarese.com
Hacking Web Pages @ Matarese.com
How to crack a UNIX password file. @ Matarese.com
Hacking Servers : A Begginners Guide @ Matarese.com
Hacking Tutorial @ Matarese.com
Hacking UNIX @ Matarese.com
How to Hack the WWWboard Message Board 2.0 @ Matarese.com
Hackers Handbook @ Matarese.com
Guide to Harmless-Hacking @ Matarese.com
All about security holes @ Matarese.com
Hacking Hotmail @ Matarese.com
]How to Hack from from Harlequin and Archangel @ Matarese.com
Improve security by breaking into your site @ Matarese.com
Internet Security @ Matarese.com
IRC Hacking FAQ by Lord Somer @ Matarese.com
Lan Technology Scorecard @ Matarese.com
Harmless Hacking - Linux @ Matarese.com
Mail Spoofing Explained @ Matarese.com
Microsoft IIS Vulnerability @ Matarese.com
Microsoft(Yuk) Index Server exposes IDs and Passwords @ Matarese.com
Intresting Microsoft Access 7.0 Trick @ Matarese.com
QueSO Test Drive @ Matarese.com
unix linux networking c c++ operating systems Copyright (C) 1999 - Matarese.com