Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

decrypting VRU passwords

Status
Not open for further replies.
anglefire

anglefire

Programmer
May 23, 2006
3
US
Hi,


We are using Lucent Sierra VRUs running VIS 3.0 software and are extracting the user data using the OCL commands MailboxReadByUID command and URRead.


We can obtain the user password in encrypted form with these two commands (but the two commands give different strings...). We need to find a way to decrypt these passwords so was can extract the customer audio data to move it to a new platform.

We have found that we can set the user password to all 0's and then x-or the original encrypted password with the all 0's encrypted password and get the user password, and then set the user password back to what it was. However this sets some flag that then requires the user to reset their password when they log in again.



So does anyone know how to avoid having this reset password flag set, or how to unset it or how to decrypt the password without having to go through the 0000 stuff I described above?



We know the decryption key is somehow related to the mailbox create date (minutes since 1/1/1884) since any mailbox created in the same minute has the same encrypted password when it's set to all zero's.



Thanks.
 
Sort by date Sort by votes
I am pretty sure I have seen a tool from Lucent that will do this but I think you can only get it from them. I will see if I can find the old document on it.

Ken Means

 
Upvote 0 Downvote
Also just wondering what the new vender is telling you about this thy may have run into it before. I can't seem to find the doc's I had but I will keep looking. And if you can change the user record in the system you should be able to disable the resetting of the password when the user logs in. Just look at the record before and then see what flag is changed from before the reset.

Ken Means

 
Upvote 0 Downvote
I know... we have tried looking at the before and after records and we can't find anything different, we've looked down to the raw hex dumps and we can't tell what is different after we change a mailbox password using the OCL commands.

Our new vendor is unable to assist us in decrypting passwords from the old Lucent VRU's.


We want to make the migration totally seamless for our users, but unless we can get the user passwords without making them reset it the next time they access the old VRU, we won't be able to make it seamless.



We know it's not that complicated and we've seen patterns in the encrypted passwords by adding mailboxes every minute (since we know the mailbox create date is part of the key) but so far we can't figure out the encryption formula. Just the fact that it's a simple x-or with the all zero password tells us it's just not that secure, but so far, we can't find the pattern.



Anything you can come with would sure be appreciated. Thanks.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

kevin906
  • Locked
  • Question
Octel 100 User not prompted to change passwords
Replies
0
Views
40
kevin906
kevin906
doktor
  • Locked
  • Question
Check your default passwords for OCTEL 200/300!
Replies
0
Views
38
doktor
doktor
telecogirl
  • Locked
  • Question
Octel 250 Passwords
Replies
2
Views
49
telecogirl
telecogirl
Mrfixit262
  • Locked
  • Question
Change VMX-100 passwords
Replies
10
Views
51
doktor
doktor
bmbintz
  • Locked
  • Question
Reset System Passwords
Replies
1
Views
43
KenMeans
KenMeans

Part and Inventory Search

Sponsor

Back
Top