Password Recovery

Once again you find yourself in the familiar situation of having to access something but not having the authentication details to do so. In this case it’s the product documentation system. Everything had been going so well with your latest product release. Developers had signed off on it, testers were ok, and the only sticking point was updating the release notes in the documentation.

maybe it's admin?

The guy who normally updates the documentation is no longer working for the company. Your other colleague with his own login is travelling and is in a different timezone. While the person who was responsible for the original install is long gone. IT know nothing about this system and you have to update it today.

What to do. What to do.

Well you do happen to have full administrator access to the web server hosting the documentation web application. So maybe you can recover the usernames & passwords somehow?

Opening up the Remote Desktop Connection application you connect to the web server and start to poke around. Quickly you find the web configuration and where this web application lives.

Oh wait, no, scratch that. This is a Windows Server running IIS.

Opening up the Remote Desktop Connection application you connect to the web server and are greeted with a Windows Server desktop environment. You struggle to remember where the IIS management interface lives. After much searching you eventually rediscover that its buried in the server management interface. Right. Now just have to remember how these sites map to files and aha! here’s the directory where the documentation web app lives.

Ok. Well here’s a directory named after our product, and in that directory is another directory called data. In data there’s a single file called project.dat. Sounds interesting enough. You copy project.dat over to your local system and break open your favorite hex editor:

It’s a Standard Jet DB! You know this!

Firing up Microsoft Access and opening project.dat shows a list of tables. What? No database password?

Database tables

That _Users table looks interesting:

_Users table

Game over.

Using this new found knowledge you quickly update the release notes. Then make further notes that the company really really needs a new documentation system.