January 17, 2008 at 8:38 am
egejo15,
I know you're eager to get your problem resolved, but speaking as a paranoid DBA, you should NEVER upload your database files up where someone can hack them. There are serious potential HIPAA / SOX and other privacy law violations you could be opening your company up to serious lawsuits with those actions. And once a hacker knows your data, they could potentially use it to exploit your system later on.
You should pull your files off the site and contact someone local to help you out with this problem. Not just stick them on an open internet site. Even if SSC requires a login, it doesn't take any effort for a hacker to register here.
We'll try to help you the best we can without the files.
January 17, 2008 at 10:39 pm
egejo15 -
You've obviously got database access, and based on the columns in your posted data I'd bet that the user name table in question is not a sql server system table... is the front end application a custom/homegrown or commercial application?
If it's a commercial application have you contacted the vendor? If it's a custom/homegrown app, who in your organization wrote it and can explain the encryption scheme used?
You may not be able to figure out what the passwords are but it should be possible to create new passwords for all of the users including the admin user account once you understand the encryption method used. How many user accounts are you looking at?
Joe
January 18, 2008 at 9:11 am
Steve Jones - Editor (1/16/2008)
If you are sure this person changed passwords, I'd contact a lawyer/solicitor and file a legal action against the person. That might get you some cooperation from them.
VERY MUCH AGREE!!!! If the old DBA didn't get fired but still did this, I am sure if you even contacted the NEW employer and asked to speak with the old DBA, they would help. Because if I was an employer and had a spitful employee like that, I would probably fire on the spot.
As for legal action, there are huge penalties for stuff like that.
And you don't have admin access why? Is this really an issue or not?
And my last comment. CALL AN EXPERT! Don't post you database as was said. There are plently of consultants out there who I am sure can help you with your problem. However, to do it, you need to understand exactly the issue. I suspect that you really don't understand what you are even looking at to fully reveal the issue. I have spent some time reverse engineering applications in my day, and often it really doesn't take much once you get past the initial roadblocks.
January 18, 2008 at 9:23 am
...and specialists would need to be able to ascertain/evaluate if the "facts of the case" as you presented are in fact accurate. Not that I doubt you, but I would need more than a story written on the web from someone with no prior contact for me to take on breaking the encryption on some other organization's security database. I'd be opening myself up to liability.
It's hard enough to do that in person.
You've got a bad situation at hand - I hope you can find someone good locally.
----------------------------------------------------------------------------------
Your lack of planning does not constitute an emergency on my part...unless you're my manager...or a director and above...or a really loud-spoken end-user..All right - what was my emergency again?
January 18, 2008 at 12:28 pm
Good point Matt.
The situation that the OP is given the task to fix this issue without DBA access is a lot less likely than the possiblity that an employee that has a gripe, but no access, wants a way to break into the system, and is asking experts for help is probably more likely.
Sorry, not trying to accuse you of anything, but my previous suggestion of getting an expert on site, or trying to convince the Old DBA the "error in his ways" are much better approaches than us trying to expain how to reverse engineer a cyber.
January 18, 2008 at 12:29 pm
However expletives are most likely the passwords if this really happened as you say..
Viewing 6 posts - 16 through 20 (of 20 total)
You must be logged in to reply to this topic. Login to reply