How to reverse the sp_hidetext command?

Question

It appears that it can't be done, but I really don't know why. When Sql Server executes an stored procedure it needs it's code to run it, so I'm sure that the stored procedure's code must exists in some place, but I don't know where, either.

Maybe this code is encrypted, but it could be decrypted with some tool, since the DBMS needs to do this when execute it.

So, I want to know if there is a well know place where the software stores this code (in some way or the other) and if there is a tool to extract and obtain the source code hidden by the command sp_hidetext.

Answer 1

No. It's a security issue. It's stored internally in a secret way that you can't access. Only the DBMS knows how to get at it, just like a Credential has a password that is encrypted but able to be decrypted so that the password can be used when appropriate.

Answer 2

You have to look at the actual source of sp_hidetext ( with that i mean the absolute low level code that sp_hidetext is created) in order to know the algorithm for hiding the text. The best option here, is to always keep a copy of your original stored procedures as backup. I am sure this is done as part of your SDLC?

Answer 3

From the online sybase manual:

Warning!

Before executing sp_hidetext, make sure you have a backup of the source text. The results of executing sp_hidetext are not reversible.

Answer 4

Rob is right. Even sybase says they cant reverse the code (but I guess they can ;).

Check

$SYBASE/$SYBASE_ASE/scripts/installmaster

there you find a source code of all the procs installed in sybsystemprocs

if you follow the chain, you end up with this:

    /* Do hidetext stuff */
    /* ISSUE, get return value of dbcc */
    dbcc hidetext("#proc_objid_t_tab", 16)

..which is basically internal function with no source available (at least to you.. and me :)