Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • September 30, 2016, 08:27:26 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: How to recover a MySQL Password?  (Read 2356 times)

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,265
    • View Profile
    • www.StoicJoker.com
    • Donate to Member
How to recover a MySQL Password?
« on: November 02, 2015, 09:22:40 AM »
Well I managed to goof, and somehow forgot to document the password for one of our MySQL servers. So I'm looking for password recovery options to try and minimize the impact of forcing my way back into the account. If it helps any ... The pw is stored in a copy MySQL workbench, so hopefully there are 2 possible angles of attack.

I do not want to just reset the password, because of the ripple chasing potential.

Any ideas?

Ath

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,751
    • View Profile
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #1 on: November 02, 2015, 12:47:09 PM »
If all went 'well', not the password is stored, but only a hash of it. Not knowing the hash method will make recovery very hard, especially if a generated password is used. Resetting the password may be the only plausible solution.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,027
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #2 on: November 02, 2015, 01:12:46 PM »
The pw is stored in a copy MySQL workbench, so hopefully there are 2 possible angles of attack.
"Stored"? As in, you can start the workbench, and it will authenticate against the database? Then it should definitely be possible to extract.

Or, do the sensible thing: export a dump, remove MySQL, and restore to a Postgres ;)
- carpe noctem

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,214
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #3 on: November 02, 2015, 01:33:26 PM »
If all went 'well', not the password is stored, but only a hash of it. Not knowing the hash method will make recovery very hard, especially if a generated password is used.

A rainbow table attack could work. Very fast and efficient. The only problem is downloading the rainbow tables, but that should just be a matter of searching.



Other than that (or the dump method), I suppose you could write a program or script to brute force the password if you can come up with a set of passwords or password patterns that you usually use.

If you use patterns, e.g. <somebody's name><4 digits><2 symbols><obligatory curse word>, and know that each of those has 10 possibilities that you usually use, then you can store them all in a database and do a cross join to get the full set to use in a brute force attack. I've done it before, and it's pretty effective. Or you can just write up a program to do the cross join from string arrays for you. That's just a bunch of nested loops, so it's probably about as fast to write a custom program as to actually do it from a database.

However, I don't know of any MySQL password recovery tools.

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,265
    • View Profile
    • www.StoicJoker.com
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #4 on: November 02, 2015, 03:13:14 PM »
If all went 'well', not the password is stored, but only a hash of it. Not knowing the hash method will make recovery very hard, especially if a generated password is used. Resetting the password may be the only plausible solution.

Shit... That's what I'd originally thought, but was hoping I was wrong.


The pw is stored in a copy MySQL workbench, so hopefully there are 2 possible angles of attack.
"Stored"? As in, you can start the workbench, and it will authenticate against the database? Then it should definitely be possible to extract.

Yes ... But as to how to go about extracting it, I've not a clue.

The second part I may consider down the road, if Postgre is also free...and has the same level of readily available documentation. Is there a specific issue with MySQL that you're picking at here?


Other than that (or the dump method), I suppose you could write a program or script to brute force the password if you can come up with a set of passwords or password patterns that you usually use.

Um... No. As I have a feeling I deviated radically from the mnemonics I usually use for this system.

Ath

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 2,751
    • View Profile
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #5 on: November 02, 2015, 03:44:34 PM »
Yes ... But as to how to go about extracting it, I've not a clue.
I assume, by context and fodder's creds, the extract is targeted at the data, not the password ;) After all, you won't need that password after you switch to Postgresql :P

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,027
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #6 on: November 03, 2015, 06:16:37 AM »
Yes ... But as to how to go about extracting it, I've not a clue.
It might be possible by doing a memory dump, or by sniffing network traffic while connecting to the database. Also, I'd be surprised if there isn't a tool out there somewhere to do it, but a few quick google searches just gave me "reset root password" stuff.

The second part I may consider down the road, if Postgre is also free...and has the same level of readily available documentation. Is there a specific issue with MySQL that you're picking at here?
Gratis and Libre, and not entangled in whOracle's nasty tentacles - also a proper database, and one I see much fewer horror stories about on our techies mailing-list than MySQL/MariaDB :)
- carpe noctem

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,027
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #7 on: November 03, 2015, 06:30:23 AM »
Right, took a look at the MySQL Workbench sourcecode - passwords seem to be stored in workbench_user_data.dat, protected with the CryptProtectData WIN32 API - without any application-specific entropy. So it should be pretty trivial to decrypt - as long as you have access to the user account the workbench was run from :)

Also, from my quick spelunking it looks like the passwords are kept unencrypted in memory, so a process memory dump should also work, although there's the needle/haystack issue with that.
- carpe noctem

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,265
    • View Profile
    • www.StoicJoker.com
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #8 on: November 03, 2015, 06:49:46 AM »
Right, took a look at the MySQL Workbench sourcecode - passwords seem to be stored in workbench_user_data.dat, protected with the CryptProtectData WIN32 API - without any application-specific entropy. So it should be pretty trivial to decrypt - as long as you have access to the user account the workbench was run from

hehe Well... I am the user account the workbench was/is run from, so that part's covered. However I fear we may have slightly different perceptions of what is trivial.. :D ..As I have no where near your background in Crypto. So if you could give me a hint or two on how to hang the code together it would be greatly appreciated.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,027
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #9 on: November 03, 2015, 07:19:08 AM »
However I fear we may have slightly different perceptions of what is trivial.. :D
Here you go, my friend - trivial :)

shot-2015-11-03@14.15.33.png

Without all the file opening and other red tape, it all boiled down to this:
Code: C++ [Select]
  1. std::vector<unsigned char> decrypt(BYTE *input, size_t length) {
  2.         DATA_BLOB inblob { length, input };
  3.         DATA_BLOB outblob;
  4.  
  5.         if (!CryptUnprotectData(&inblob, NULL, NULL, NULL, NULL, CRYPTPROTECT_UI_FORBIDDEN, &outblob)) {
  6.                 throw std::runtime_error("Couldn't decrypt");
  7.         }
  8.  
  9.         std::vector<unsigned char> output(length);
  10.         memcpy(&output[0], outblob.pbData, outblob.cbData);
  11.  
  12.         return output;
  13. }
- carpe noctem

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 6,265
    • View Profile
    • www.StoicJoker.com
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #10 on: November 03, 2015, 11:31:51 AM »
Worked perfectly - Thank You!!

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,027
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #11 on: November 03, 2015, 11:34:08 AM »
Worked perfectly - Thank You!!
You're welcome - I'm glad it worked :)
- carpe noctem

mouser

  • First Author
  • Administrator
  • Joined in 2005
  • *****
  • Posts: 36,270
    • View Profile
    • Mouser's Software Zone on DonationCoder.com
    • Read more about this member.
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #12 on: November 03, 2015, 08:23:55 PM »
wow that was cool to watch. people helping each other. nice  :Thmbsup:

SeekerDK

  • Participant
  • Joined in 2016
  • *
  • default avatar
  • Posts: 1
    • View Profile
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #13 on: March 22, 2016, 05:21:41 AM »
Here you go, my friend - trivial :)

Create an account just to thank for this  :Thmbsup: :Thmbsup: :Thmbsup:

Thank you Google, donationcoder and of course f0dder  :D

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,027
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: How to recover a MySQL Password?
« Reply #14 on: March 22, 2016, 07:07:12 AM »
You're welcome :)
- carpe noctem