Attribute VB_Name = "basDatabasePassword" '-------------------------------------------------- ' basDatabasePassword ' ' Get the database password of a Jet 3.0/3.5 database. ' ' -------------------------- ' This code is provided for the express purpose of destroying the burgeoning ' shareware industry of Jet 3.x/3.5x database password crackers. You should ' keep in mind that it is still quite illegal to break into a database you have ' no authorization to view. Please don't do anything that would cause me to ' have less respect for you than for the lifeless souls who try to charge money ' for code of this nature on a "per database" basis. ' ' TO USE: ' 1) Create a new module in any VBA host like Access, Excel, or Visual Basic ' 2) Hit to get to the debug window ' 3) Run the following line of code in the debug window (replacing c:\foo.mdb with ' the full path/name to your database: ' ' ? StPasswordOfStDatabase("c:\foo.mdb") ' ' The function will return the Database Password to you. ' ' -------------------------- ' Sample code to allow you to prove to yourself that the function ' works (the following code can be run from the debug window). ' Change the password from 01234567890123456789 to any ' arbitrary value 1-20 characters in length: ' ' Set dbe = CreateObject("dao.dbengine.35") ' Set db = dbe.CreateDatabase("c:\temp35.mdb", ";LANGID=0x0409;CP=1252;COUNTRY=0") ' db.NewPassword "", "01234567890123456789" ' db.Close: Set db = Nothing: Set dbe = Nothing ' Debug.Print StPasswordOfStDatabase("c:\temp35.mdb") ' -------------------------- ' ' (c) 1998 Trigeminal Software, Inc. All Rights Reserved '-------------------------------------------------- Option Compare Binary Option Explicit Public Function StPasswordOfStDatabase(stDatabase As String) As String Dim hFile As Integer Dim ich As Integer Dim stBuffer As String Dim rgbytRaw() As Byte Dim rgbytPassword() As Byte Dim rgbytNoPassword() As Byte ' Create the byte array with the 20 bytes that are present when there ' is no database password rgbytNoPassword = ChrB(134) & ChrB(251) & ChrB(236) & ChrB(55) & ChrB(93) & _ ChrB(68) & ChrB(156) & ChrB(250) & ChrB(198) & ChrB(94) & _ ChrB(40) & ChrB(230) & ChrB(19) & ChrB(182) & ChrB(138) & _ ChrB(96) & ChrB(84) & ChrB(148) & ChrB(123) & ChrB(54) ' Grab the 20 bytes from the real file whose password ' we are supposed to retrieve hFile = FreeFile Open stDatabase For Binary As #hFile Seek #hFile, 66 + 1 rgbytRaw = InputB(20, #hFile) Close #hFile ' Enough prep, lets get the password now. ReDim rgbytPassword(0 To 19) For ich = 0 To 19 rgbytPassword(ich) = rgbytRaw(ich) Xor rgbytNoPassword(ich) Next ich ' Add a trailing Null so one will always be found, even if the password is 20 ' characters. Then grab up to the first null we find and return the password stBuffer = StrConv(rgbytPassword, vbUnicode) & vbNullChar StPasswordOfStDatabase = Left$(stBuffer, InStr(1, stBuffer, vbNullChar, vbBinaryCompare) - 1) End Function