Access

From Just Solve the File Format Problem
(Difference between revisions)
Jump to: navigation, search
(General Tools)
m (Internal structure of the format)
Line 25: Line 25:
 
The version and build number of Microsoft Access used to create the file is stored in the format. These two values are stored within a [http://jabakobob.net/mdb/data-page.html LVAL Data Page] and deeper into that structure a [http://jabakobob.net/mdb/lvprop.html LvProp column] - part of the MSysObjects table. It is possible to extract this information from here alone, the complete MSysObject table definition is always the second page of the database (zero-based index).  
 
The version and build number of Microsoft Access used to create the file is stored in the format. These two values are stored within a [http://jabakobob.net/mdb/data-page.html LVAL Data Page] and deeper into that structure a [http://jabakobob.net/mdb/lvprop.html LvProp column] - part of the MSysObjects table. It is possible to extract this information from here alone, the complete MSysObject table definition is always the second page of the database (zero-based index).  
  
The block of data at offset 0x18 running for 126 bytes (Jet 3) and 128+ bytes (Jet 4) represents RC4 encrypted data. It is thought this uses the key: '''0x6b39dac7'''.
+
The block of data at offset 0x18 running for 126 bytes (Jet 3) and 128+ bytes (Jet 4) represents [[RC4]] encrypted data. It is thought this uses the key: '''0x6b39dac7'''.
  
 
== Database Password ==
 
== Database Password ==

Revision as of 22:46, 4 June 2014

File Format
Name Access
Ontology
Extension(s) .mdb
PRONOM x-fmt/66
x-fmt/238
x-fmt/239
x-fmt/240
x-fmt/241
Released 1992

Access released by Microsoft also known as Jet DB is a standalone database that forms part of the Microsoft Office Suite of productivity tools. It was first released in 1992.

Access databases are composed of multiple page types. The length of these pages depends on the version of the Jet Database employed by the specific version of Microsoft Access. The first page of Access 95/97 and Access 2000/2003 databases is always a Database Definition Page.

Contents

Microsoft Access 95/97 - Jet 3 Database

Microsoft Access 95/97 utilizes the Jet3 database engine. The page size of the Jet3 database engine is 2048 bytes.

Microsoft Access 2000/2002 - Jet 4 Database

Microsoft Access 2000/2003 utilizes the Jet 4 database engine. The page size of the Jet4 database engine is 4096 bytes.

Internal structure of the format

The Jet DB version can be found in the file header by reading the 4 byte little-endian integer at offset 0x13. Jet3 databases have a value of 0. Jet 4 databases have a value of 1.

The version and build number of Microsoft Access used to create the file is stored in the format. These two values are stored within a LVAL Data Page and deeper into that structure a LvProp column - part of the MSysObjects table. It is possible to extract this information from here alone, the complete MSysObject table definition is always the second page of the database (zero-based index).

The block of data at offset 0x18 running for 126 bytes (Jet 3) and 128+ bytes (Jet 4) represents RC4 encrypted data. It is thought this uses the key: 0x6b39dac7.

Database Password

Note: The information under this section should only be used by owners and custodians of databases where the password has been misplaced or lost and not for any illegal or illegitimate premises.

Among other techniques Jet Databases employ a simple database password. The password field is 0x42 bytes into the file. Jet 3 database password fields are 20 bytes in length, Jet 4 are 40 bytes in length.

Jet 3 Password

XOR-ing the byte string running from 0x42 to 0x56 in a non-password protected database with that of a password protected database will reveal the password in plain text.

Studying the Maxsoft tool under Password Tools will help users to understand how Access databases are protected.

Jet 4 Password

The Jet 4 password can be revealed similarly by XOR-ing the byte string running from 0x42 to 0x68. If after the XOR operation if you haven't an ASCII character, that is, you have a value greater than 0xFF you need to XOR that value again with a further key value (byte) at offset 0x54.

Studying the Maxsoft tool under Password Tools will help users to understand how Access databases are protected.

Jet DB and Access Build Numbers

The following table shows that the version of the Jet Database format remained fairly consistent between versions of Access:

  Client Application          Jet Engine Used    Recommended Jet DB Format
  -------------------------   ---------------    -------------------------
   Access 2.0                       Jet 2.0             Jet 2.0
   Access 95                        Jet 3.0             Jet 3.0
   Access 97                        Jet 3.5             Jet 3.0
   Access 2000                      Jet 4.0             Jet 4.0
   Access 2002                      Jet 4.0             Jet 4.0

The controller used to read and write the format by Access versions did change. The version of Access and its build number can help us to understand the version of the DLL used to interact with the format. The version and build number is embedded in the MDB objects (as described as part of its internal structure above) so can be easily extracted. Build numbers and DLL versions are described below (KB Article 248710 and KB Article 255275 and KB Article 291331):

   Version          File Version     Patches
   --------------   ------------     -------
   Access 95         7.0             Unknown
   Access 97         8.0.3512        n/a          
   Access 97 SR-1    8.0.4122        n/a
   Access 97 SR-2    8.0.5903        SR-1
   Access 2000       9.0.2720
   Access 2000       9.0.3821        SR-1
   Access 2000       9.0.4402        SR-1
   Access 2000       9.0.6926        SP-3
   Access 2002       10.0.2627.1
   Access 2002       10.0.3409.0     SP-1	
   Access 2002       10.0.4302.0     SP-2	 
   Access 2002       10.0.6501.0     SP-3

Access Version linked with MSJet35.dll (KB Article 248710):

   Version                                      DLL Version
   -------                                      -----------
   Access 97                                    3.50.3428.0
   Access 97 SR-1                               3.50.3907.5
   Access 97 SR-2 and Jet35Upd.exe (3rd rel)    3.51.2026.0

The following table from KB Article 178880 describes backward compatibility between Jet DB engines and MDB version:

  ----------------------------------------------
  Jet Version   1.0   1.1   2.0   2.5   3.0  3.5
  ----------------------------------------------
  MDB Version
  -----------
  1.0            Y     Y     Y     Y     Y    Y
  1.1            N     Y     Y     Y     Y    Y
  2.0            N     N     Y     Y     Y    Y
  3.0            N     N     N     N     Y    Y

Note: See the KB Article for information on all DLL updates.

Specifications

A formal specification from Microsoft has not been made available. The following links are attempts by third parties to reverse engineer and document the format:

Sample Files

General Tools

Password Tools

References

See Also

Personal tools
Namespaces

Variants
Actions
Navigation
Toolbox