Jump to content

The question about password of block diagram


FengDe

Recommended Posts

Hello,

Last month, I writed some vi to calculate the paramaters of the atmospheric. Now, I forgetted the password to accesee the block diagram. I'm wondering a method to remove the password, I don't know about it, so if anyone can help me, or anyone can sure that there is no method to remove the password?

Link to comment

Hello,

Last month, I writed some vi to calculate the paramaters of the atmospheric. Now, I forgetted the password to accesee the block diagram. I'm wondering a method to remove the password, I don't know about it, so if anyone can help me, or anyone can sure that there is no method to remove the password?

This question comes up often here and elsewhere and the answers (after endurring a series of one-liners about backups, bit buckets, and leasons learned) are always.

If you don't have a non-password protected backup version, you are doomed to re-write it.

Ben

Link to comment

Hello,

Last month, I writed some vi to calculate the paramaters of the atmospheric. Now, I forgetted the password to accesee the block diagram. I'm wondering a method to remove the password, I don't know about it, so if anyone can help me, or anyone can sure that there is no method to remove the password?

You have to know that even with a weak password, there's still at least a 100ms lag between each successive password trials... so you might want to follow on Ben's advice and start over.

Link to comment

You have to know that even with a weak password, there's still at least a 100ms lag between each successive password trials... so you might want to follow on Ben's advice and start over.

It is possible to lower this lag down to 10 ms (if memory serves) by writing passwords directly to password cache (there are privete methods for this).

Link to comment

send you vi to local NI and prove them that its your vi..bingo they will do the needful

Wouldn't count on that. In the begin days of the password protection they did that sometimes but after some time they cleanly discontinued that service for all and everyone, because it was unmanageable, unmaintainable, legally very questionable (how to proof that you are the one owning the copyright to it, etc). and simply a to big support burden. Would be surprised if they came back from that decision since.

Of course if you do know someone at NI and know their weak spot the above may not apply. :lol:

Link to comment

Just my 2 cents, I did experiment was password cracking of VI block diagrams.

If the VI is saved in LabVIEW 6.1 or older the possibility of brute force goes up alot. With a VI saved in 6.1 I could over 30,000 passwords a second!!!

So lets say you had a VI that was yours, and you knew the password was all lower case, and it was less than 6 characters. It would take less than 3 hours to find the password. Now lets make it realistic and say the password is upper and lower case with numbers, but no special characters, and lets make the password 10 characters. At that rate it would take you 887,134 years to guess every possibility. Keep in mind this is at 30,000 tries a second, if we were using LabVIEW 7.0 or newer we could only get about 10 tries a second.

As an example lets say we have a newer VI, 6 characters only lower case. Previously this only took 3 hours to figure out now it takes almost a year.

So brute force is only possible with small passwords, and preferable in 6.1 or older. There is a slight possibility that the MD5 of the password could be reversed, but again this is only possible with usually single words that are all lower case as the password. I've only been able to do this with very basic tests. I would set the password as "1234" then I found MD5 of this password "81dc9bdb52d04dc20036dbd8313ed055", then I searched the VI in a hex editor for this key and found the offset. I then made another VI who's password was "abcd". I then opened this VI with a hex editor and took the key found at the offset that the old one was at. This key was "e2fc714c4727ee9395f324cd2e7f331f" I then went to md5Crack.com, and entered my new key and clicked crack that hash. It then said that "abcd" was a key whos MD5 was that key.

This method has several flaws. First the offset to the MD5 in the VI is not always in the same place. It can change based on LabVIEW version number, or just the format of the VI may cause the structure to change. But if you got a large enough sample a set of offsets could be used.

Another problem with this is that it only works for MD5s that other people have used, and know what the key are. Go here and generate a MD5 by typing in some junk, then copy that MD5 into here and crack the hash. Did it guess the right password? Odds are it said it couldn't guess it. If you stick with one word passwords that are all lower case this method is the fastest to test, but probably the least likely to work.

Link to comment
  • 2 years later...

This method has several flaws. First the offset to the MD5 in the VI is not always in the same place. It can change based on LabVIEW version number, or just the format of the VI may cause the structure to change. But if you got a large enough sample a set of offsets could be used.

hooovahh is right. The password is saved as a md5 hash. The problem is that the offset differs from file to file.

A few days ago I was looking for a way get the hash from the VI-file. After some time of searching i find this

website.

There, you can upload a VI file and the page extracts/finds the password-hash. But this site makes me scared because you can simply overwrite the file-password - so no need to crack/brute force the password at all.

Happy New Year!

Edited by labviewsolutions
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.