The dude – database/password extraction
I was trying to extract SNMP passwords from a dude data export, I couldn’t actually find them, but the dude password itself is in cleartext… here are the first steps in this process anyway:
1. Export from dude, download the file called backup*.tgz
2. Download and install sqlite3
3. Extract backup data:
3.1 Create the following C++ program, which converts the sqllite blob data to text:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 | #include <iostream>#include <fstream>#include <sstream>using namespace std;int main() { ifstream file("o.txt"); for(;!file.eof();) { string t; getline(file,t); if(file.eof()) break; size_t startpos=0; size_t endpos=0; bool first=true; for(size_t n=0;n<t.size();n++) { if(t[n] == '\'') { if(first) startpos = n+1; else endpos = n; first=false; } } t = t.substr(startpos,endpos-startpos); cout << "output: "; if(t.size() > 0) for(size_t n=0;n<(t.size()-1);n+=2) { string s; s += t[n]; s += t[n+1]; unsigned int c; stringstream ss; ss << std::hex << s; ss >> c; cout << string(1,c); } cout << endl; }}[/sourcecode]g++ fileabove.cpp #compile the above code.The do the following to extract the strings from the blobs:[sourcecode language="bash"]mkdir dudebackupcd dudebackupcp ../backup*.tgz .tar xvzf backup*.tgz~/Downloads/sqlite3 ./dude.db # or wherever sqlite is...echo '.dump' | ~/Downloads/sqlite3 dude.db > dude.txtgrep objs o > o.txt./a.out > o.conv |
o.conv will then contain a load of blob data. If you grep for “password” you’ll find the dude password. The same password seems to be used to encrypt the login credentials but I haven’t figured out where those are yet.
RSS