Digital Prank

Visual Source Safe popularly known as VSS is one of the most widely used source control and configuration management system across the IT industry, educational and in other organizations. It is so vital and critical for any organization that is using this and a losing Admin password to manage VSS will be really frustrating. I am planning to pen down how to do this safely without screwing up things that gets you axed.

I tested the following technique with Microsoft Visual Source Safe 2005 and few previous versions and is working fine. Please follow the below mentioned steps to get the job done with ease. Go to your VSS database and look for the file um.bat inside the directory named data. Take a backup of the file um.dat before proceeding to step 2. um.dat is the file where all the user name and passwords are stored that needs to be reset. The values inside um.dat are not plain text and you need a hex editor to open the file. If you need a hex editor you can get one free editor from Cygnus Hex Editor.

There are 2 ways of resetting the password in um.dat. The first way is manually doing it in a hex editor which is quite messy and there is high degree of error and the second way is writing a C program to do it. I am going to deal with writing a small program to do the job in an easy way. Download the free Pelles C compiler to run the below given program hassle free.

The C program will create a file a called umfix.dat from the original um.dat file if the program run successfully. Backup the um.dat and now rename umfix.dat to um.dat and replace the file inside the data directory of VSS database. You are done now.

Code block
   
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
 
#define MAXBUF 65536
 
int main()
{
FILE *fpr, *fpw;
char buf[MAXBUF];
int nr, nw, i;
 
fpr=fopen("um.dat", "rb");
 
if(!fpr)
fprintf(stderr, "Cannot open um.dat for read\n");
 
fpw=fopen("umfix.dat", "wb");
 
if(!fpw)
fprintf(stderr, "Cannot open umfix.dat for write\n");
 
if(!fpr || !fpw)
{
perror("fopen");
exit(1);
}
 
nr = fread(buf, sizeof(char), MAXBUF, fpr);
if(!feof(fpr))
{
fprintf(stderr, "Did not reach EOF on um.dat\n");
exit(2);
}
 
for(i=132; i<nr; i+=64) {
if(0==memcmp(buf+i, "Admin", 5))
break;
}
 
if(i>nr)
{
fprintf(stderr, "Could not find admin password\n"); exit(3);
}
 
buf[i-2]=0xBC;
buf[i-1]=0x7F;
buf[i+32]=0x90;
buf[i+33]=0x6E;
 
nw = fwrite(buf, sizeof(char), nr, fpw);
if(nw != nr)
{
fprintf(stderr, "Could not write umfix.dat\n");
exit(4);
}
 
printf("Now backup um.dat, and rename umfix.dat to um.dat\n");
 
fclose(fpr);
fclose(fpw);
 
return 0;
}