Please start any new threads on our new site at https://forums.sqlteam.com. We've got lots of great SQL Server experts to answer whatever question you can come up with.

 All Forums
 SQL Server 2000 Forums
 SQL Server Development (2000)
 getting back from ENCRYPTION procedure

Author  Topic 

khalik
Constraint Violating Yak Guru

443 Posts

Posted - 2002-05-09 : 02:37:26


i have few stored Procedures which are created my early employees which are encrypted... so now big problem is i have to change those so how do i get the actual contain of the Procedures

thanks

======================================
Ask to your self before u ask someone

Merkin
Funky Drop Bear Fearing SQL Dude!

4970 Posts

Posted - 2002-05-09 : 03:01:43
Tough Luck

If you are using SQL 7 then you might find some routine on the web somewhere to crack it, but I don't like your chances with SQL 2000.

In future, before you encrypt anything, make sure you have the script file checked into source control.

Damian
Go to Top of Page

cutever
Starting Member

32 Posts

Posted - 2002-05-09 : 03:03:31
Once encrypted, u are unable to get back the code again. However, make a copy, before encrypt your code.

Ver
Go to Top of Page

khalik
Constraint Violating Yak Guru

443 Posts

Posted - 2002-05-09 : 04:33:35


quote:
make a copy, before encrypt your code.


so which is not taken that it nothing like getting back...
i have sql7 and sql2000 if i can import can be possible...
any backdoors.......

======================================
Ask to your self before u ask someone
Go to Top of Page

uberbloke
Yak Posting Veteran

67 Posts

Posted - 2002-05-09 : 07:10:35
slightly nervous about posting this but....

link deleted [google if required]

shows how to decrypt a stored proc, includes a link to a tool and an example of how to do it inside QA.

Came across this whilst researching something else and have it in my bookmarks "just in case". Have never used it but it might give you a clue



Edited by - uberbloke on 05/09/2002 11:26:34
Go to Top of Page

robvolk
Most Valuable Yak

15732 Posts

Posted - 2002-05-09 : 09:48:08
I don't want to censor anyone, and I am NOT criticizing anyone here, but in the future please

DO NOT POST LINKS OR INFORMATION THAT DISCUSS WAYS OF DECRYPTING CODE

...or breaking passwords, or anything that can give hackers the means to break into SQL Server. I know that no one intended to do that, but unfortunately it is too easy for someone to use that information for those purposes. Just to head off some basic arguments:

What's the big deal? Someone could just do a Google search and find the same link!
Great, then let the little script kiddie hacker scumbag #@$!% do his own goddamn typing, there's no need to do the work for him. And if someone legitimately needs this procedure, since it is so easy to find, it's no burden for them to do the search themselves

Security vulnerabilities should be discussed so that people are aware of the problems.
Agreed. But there is a difference between talking about nuclear proliferation and how to stop it, and publishing blueprints on how to build an atomic bomb, just to show how easy it is

I'm particularly sensitive about this due to the recent hacking attacks here on SQL Team. Fortunately no serious damage was done, but if you head over to the Snitz Forums:

http://forum.snitz.com/forum/forum.asp?FORUM_ID=20

...and follow some of the threads about Snitz hacking, you'll find out that MANY people lost THEIR ENTIRE FORUM because someone decided to post the vulnerability on BugTraq, and some hackers simply hit Google for "Snitz" and went site-by-site through the results, wantonly hacking away. Only pure luck prevented that from happening to SQL Team, and without that luck this entire forum would be gone, and we would not be discussing this thread now.

I don't want to get into a heated discussion about "but that's what BugTraq is for." The point I want to make is that I don't want ANYONE to be able to say "Hey, I was able to hack this guy's SQL Server based on information I got from SQL Team!"

Go to Top of Page

khalik
Constraint Violating Yak Guru

443 Posts

Posted - 2002-05-10 : 06:12:56


that really bad but every one does it... but i am in a big problem which i have hell lot of procedures and i dont know how i can get back and make changes... i accept what robvolk said... but i need a solutions... a better one.. so if so any one feel like helping me u can mail me at khalik_ash@hotmail.com.... if nothing can be done no problem no hard feelings...

thanks a lot

======================================
Ask to your self before u ask someone
Go to Top of Page

Merkin
Funky Drop Bear Fearing SQL Dude!

4970 Posts

Posted - 2002-05-10 : 10:26:36
I suggest you track down the people who didn't leave the source code behind and threaten them with legal action.

Or find the guy who hasn't been running backups and say some nasty things.

Getting a copy of that source code is by far your best option.

Damian
Go to Top of Page

khalik
Constraint Violating Yak Guru

443 Posts

Posted - 2002-05-13 : 03:59:11


thanks Merkin... it good suggestiona and every one knows that things dont happen like this... he can come up with some dam reason (security reason... some more silly) but that will not my solution... i am showing way to managment and i hope there know it better than i do.. he heeee hahaaaaaaaa

thanks a lot

======================================
Ask to your self before u ask someone
Go to Top of Page
   

- Advertisement -