Coldblackice
[H]ard|Gawd
- Joined
- Aug 14, 2010
- Messages
- 1,152
A friend asked me to see if I can extract a database from a CD of realtor listings. The CD installs a program that gives full access to the database, where you can view all of the information, but only within the confines of its own (small) program window. There are no options to resize the window, resize columns, or export the data.
I found the .db file on the CD, and its file header says it's SQLite. I was able to dump the file with SQLite, but the contents are obviously encrypted. It shows the name columns in clear text, but the business name columns are definitely encrypted.
Would it be possible to grab/copy the decryption key/process by watching the program's .exe in a disassembler, like IDA Pro, and finding it that way? If that wouldn't work (or be feasible), what about accessing the .exe's memory space (once it's decrypted the data and showing it in its own program window) -- Would it be possible to access its memory space and extract the (now decrypted in memory) data that way?
Any insight on undertaking this process?
I found the .db file on the CD, and its file header says it's SQLite. I was able to dump the file with SQLite, but the contents are obviously encrypted. It shows the name columns in clear text, but the business name columns are definitely encrypted.
Would it be possible to grab/copy the decryption key/process by watching the program's .exe in a disassembler, like IDA Pro, and finding it that way? If that wouldn't work (or be feasible), what about accessing the .exe's memory space (once it's decrypted the data and showing it in its own program window) -- Would it be possible to access its memory space and extract the (now decrypted in memory) data that way?
Any insight on undertaking this process?
Last edited: