How to recover VSS Admin password?

vss-2005 Visual Source Safe popularly known as VSS is one of the most widely used source control and configuration management system across the IT industry, educational and in other organizations. It is so vital and critical for any organization that is using this and a losing Admin password to manage VSS will be really frustrating. I am planning to pen down how to do this safely without screwing up things that gets you axed.

vss-folder I tested the following technique with Microsoft Visual Source Safe 2005 and few previous versions and is working fine. Please follow the below mentioned steps to get the job done with ease. Go to your VSS database and look for the file um.bat inside the directory named data. Take a backup of the file um.dat before proceeding to step 2. um.dat is the file where all the user name and passwords are stored that needs to be reset. The values inside um.dat are not plain text and you need a hex editor to open the file. If you need a hex editor you can get one free editor from Cygnus Hex Editor.

um-hex-edit

There are 2 ways of resetting the password in um.dat. The first way is manually doing it in a hex editor which is quite messy and there is high degree of error and the second way is writing a C program to do it. I am going to deal with writing a small program to do the job in an easy way. Download the free Pelles C compiler to run the below given program hassle free.

pelles-c-editor

The C program will create a file a called umfix.dat from the original um.dat file if the program run successfully. Backup the um.dat and now rename umfix.dat to um.dat and replace the file inside the data directory of VSS database. You are done now.


[/codesyntax]
  • Sunset_Horizon

    The given code doesn’t compile. What values should I put if I chose the HEX editing method?

  • 0xff

    I fixed the source code and you can try compiling it now. There was a small problem with syntax plugin.

    To reset the password directly, open the um.bat using hex editor and make sure that from offset 80 the bytes are (all numbers are hex)

    0:80 55 55 bc 7f 41 64 6d 69 6e 00 00 00 00 00 00 00
    0:90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
    0:a0 00 00 00 00 90 6e 00 00 a8 01 00 00 00 00 00 00