Tom Raftery's - Things to Come

A client of mine had a problem with their ISA Server recently – the HD failed.

Fortunately, it happened on a Sunday and there was a recent backup of the firewall config.

However, the config backup was password protected and no-one could remember the password!

The config backup though is a simple .xml file so one of the guys onsite (Przemek Kwiatkowski – Shrek, for short!) decided to open the file with a text editor and have a look at it. He created another config backup without any password protection, opened it with the text editor and compared the two.

On comparing them he noted that the file with the password protection had the following entry:
4

While the file without the password looked like:
7

Note the 7 in the file with no password compared to the 4 in the password protected file. Przemek changed the 4 to a 7 in the password protected file.

The password itself is encrypted and looked something like:
c1fd1b2977cb42b2a3aed6933508268c235d535f

When the password line was deleted and the 4 changed to a 7, the file was no longer password protected and the settings were available to import into the server once more!

Tom Raftery's – Things to Come

Tag: isa_server_2004

How to access a password protected isa server 2004 backup

Tom Raftery – Technology Evangelist, Podcast Host, & Influencer – Sustainability, Supply Chain, Energy, EVs