A client of mine had a problem with their ISA Server recently – the HD failed.
Fortunately, it happened on a Sunday and there was a recent backup of the firewall config.
However, the config backup was password protected and no-one could remember the password!
The config backup though is a simple .xml file so one of the guys onsite (Przemek Kwiatkowski – Shrek, for short!) decided to open the file with a text editor and have a look at it. He created another config backup without any password protection, opened it with the text editor and compared the two.
On comparing them he noted that the file with the password protection had the following entry:
While the file without the password looked like:
Note the 7 in the file with no password compared to the 4 in the password protected file. Przemek changed the 4 to a 7 in the password protected file.
The password itself is encrypted and looked something like:
When the password line was deleted and the 4 changed to a 7, the file was no longer password protected and the settings were available to import into the server once more!