Forgot the username and password of *fdb (firebird) database. Is there anyway I can crack this database?

database security firebird cracking firebird-3.0
Rana Hadaiq Ahmad picture Rana Hadaiq Ahmad · Sep 26, 2018 · Viewed 16.6k times · Source

I have database of firebird of more than 8 GB and I want to migrate all the data from it. But I have forgotten the username and password. Is there anyway or any tool through which I can crack this database and can get my data back?

Answer

Mark Rotteveel picture Mark Rotteveel · Sep 26, 2018

In most Firebird setups, the username and password is kept in a central security database (security3.fdb in the case of Firebird 3). If you don't know the username and password of a user anymore, you have the following options.

Be aware, this answer uses Firebird 3 as its base, but most options also apply to Firebird 2.5 and earlier. Instead of security3.fdb, use security2.fdb. The create user and alter user steps only work in Firebird 2.5 or higher.

  1. Use the sysdba account (or another user with RDB$ADMIN role in the security database) to reset the password of the user through any other database
  2. Use gsec as SYSDBA in embedded mode to reset the password
  3. Replace the security database with a copy with a known password for the user

If your database uses itself as its security database, you will first have to remove that setting from the databases.conf by commenting out the SecurityDatabase setting for that database.

For Firebird 3, this answer assumes the creation of a user for the Srp authentication mechanism, and the steps below assume that the firebird.conf in the Firebird installation has setting AuthServer = Srp (or at least that setting AuthServer contains Srp) and setting UserManager = Srp (or at least that Srp is the first entry for UserManager).

Option 1: reset a password

Works on Firebird 2.5 and higher

Connect to a database with SYSDBA (or another user with admin role on the security database), and use

ALTER USER <username> SET PASSWORD '<new password>';

This is probably not an option in your case though.

Option 1a: reset with embedded connection (passwordless)

Works on Linux for Firebird 2.5 or higher, on Windows requires Firebird 3.0 or higher.

Stop Firebird server, and use ISQL to connect to the database in embedded mode (which doesn't require a password):

isql -user sysdba <database>

With a default Firebird 3 installation, you can use employee for <database>, which will use the employee example database.

Alter the password as described above. Alternatively, try replacing sysdba with the actual username in the isql commandline.

Start Firebird server again.

Option 2: use gsec to change the password

Works on Linux for all version, on Windows this only works for Firebird 3.0 and higher.

Be aware that gsec is deprecated since Firebird 3 and may be removed from future Firebird versions.

Stop the Firebird server, open the command line, and in the Firebird installation folder do:

gsec -user sysdba

and on the gsec prompt

modify <username> -pw <new password>

or if the user doesn't exist yet:

add <username> -pw <new password>

Start Firebird server again.

Option 3: replace security database

Most of these steps also apply if you are using a new Firebird install; just skip the replacing of the security database.

Stop Firebird server and make a copy of your current security3.fdb as a backup.

Obtain a default security3.fdb for your platform (eg download a zipkit from the Firebird 3 download page) or use a security3.fdb with a known password, and replace your current security3.fdb with this default version. Don't start Firebird yet.

For earlier Firebird versions, look for your version on the download page.

The default password for sysdba is normally 'masterkey', but on Firebird 3 the default security3.fdb only contains this user for the legacy authentication mechanism, which is disabled in a default Firebird 3 installation.

To add a sysdba user, use an embedded connection to any database and create a sysdba account. On the command prompt from the Firebird installation folder, run:

isql -u sysdba <database>

Within ISQL execute:

create user sysdba password '<sysdba password>';
commit;

To add another user, connect using SYSDBA - similar to the previous step 2 - to any database and execute

create user <username> password '<new password>';
commit;

And exit isql (with quit;)

Then start Firebird server again, and you should be able to connect with this user and its password.

Most of these steps assume you already have a database to connect to, if you don't yet have one, then you'll need to create on first.

Start isql as user sysdba:

isql -u sysdba

And create a database

create database '<path-of-database>';

You can then use that database for the earlier steps.

Related questions

Best way to store password in database

I am working on a project that has to have authentication (username and password) It also connects to a database, so I figured I would store the username and password there. However, it seems like not such a good idea …

Read More
How to secure database passwords in PHP?

When a PHP application makes a database connection it of course generally needs to pass a login and password. If I'm using a single, minimum-permission login for my application, then the PHP needs to know that login and password somewhere. …

Read More
Why is it not advisable to have the database and web server on the same machine?

Listening to Scott Hanselman's interview with the Stack Overflow team (part 1 and 2), he was adamant that the SQL server and application server should be on separate machines. Is this just to make sure that if one server is compromised, both …

Read More