[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Microsoft Access 97 MDW files

Does anyone know if there is a document that describes the
algorithm used to scramble the password found in Microsoft Access
MDW files?  I've tried my luck with the archives here, and on
Google, and I don't believe that this is a topic that has been

I'm particularily concerned with the Password column in the
MSysAccounts table.  At first glance I can see only 64 bits of

Here is a snippet from two columns copied and pasted into
notepad, one per line, saved, and then converted to hex:


>From this I've guessed that "fffe" is a unicode header, which
gives me:


Since the rows are CR/LF delimited we get:


This file is also stored little-endian, so we get:


The first is a row that contains a password, the second row
contains a password of "" (0 length string)

If we separate the rows where the data matches we get:

2bddbfb1e15292e4 526967add5f3e6e1
526967add5f3e6e1 526967add5f3e6e1

It seems that the LS = RS on the empty password line, and RS = RS
between the two lines.  I've tried putting in a single character
password, but it seems to modify many bits in the LS.  Based on
this information, it seems that a 64-bit hash function is used to
calculate the left side, and the right side is used to obfuscate
the result of the function via XOR (which yeilds a result of 0
when LS = RS).  I also presume that the value of obfuscating the
results of the hash function is so that the output is not
noticably predictable at a glance?

Does anyone have information that they can share to help the
progression of this train of thought, or documentation to point
in the right direction?