views:

1023

answers:

2

Hi,

I have a customer that has an old non-existant application; he had a problem with the company that made the application and they won't disclose his database password. He realized that he signed a contract (back then) where it said that he was sort of "renting" the application and they had no right to disclose anything. This customer found out that he's not the only one with the same problem with that company. He's a Dentist and other dentists with the same old application experienced the same problems when trying to buy a new software and attempted to migrate their patients to the new system.

In either case, he wants to open his little firebird database, so we can at least extract some data to our SQL Servers. I have tried with the default 'masterkey' (which is, in fact, 'masterke' due to the 8 char limit) to no avail.

Now I know he could go legal and try to force the company to release his information, but I want to do it the short way. Does anybody know an app that can brute force/crack a legacy Firebird password?

Thanks.

EDIT: The legacy software is "STOMA-W", I cannot even find it on Internet. They are located in Asturias, Spain.

+5  A: 

Firebird does not (yet) store passwords inside the database file.
With this in mind, move the database file to another server where the sysdba password is known.

Douglas Tosi
I really don't know what to do with the file. I have tried a few programs that recognize the file as a database, and prompt me for a password. But I can't get past that.Can you suggest me a tutorial how to move this little file a put it in a server where i have full SYSDBA?Thanks.
Martín Marconcini
Only Firebird Server will recognize the file. You have to use a client (ie isql) to access the database *through* firebird. I'm not really sure what you're trying to do with the file. This is pretty basic stuff. Try googling "getting started firebird".
Douglas Tosi
+1  A: 

On the off chance you can get to a prompt which shows the masked password, ie. password shows as "********" in a text box, you can use Snadboy's revelation to get at this password.