Monday, 9 July 2007

The SSAPI Patcher

In my first post about SourceSafe, I discussed how SourceSafe security can be bypassed by modifying an instruction in the SSAPI library.

As promised, I have now produced a tool to automate this process.

The tool has the following features:
  • Patches in-memory instances of SSAPI. You can use this if you do not wish to modify an on-disk copy of SSAPI.DLL.
  • Patches on-disk instances of SSAPI. This will permanently remove the password protection from SourceSafe on your PC.

Figure 1 shows a screenshot of the patcher tool.

To patch an in-memory copy of SSAPI, click the Patch Mem button. This will patch all running SourceSafe programs.

To patch an on-disk copy of SSAPI, click the Patch DLL button. You will need to browse to the DLL that needs patching. A backup copy of the DLL will be made by the program before a patch is made.

I have rather creatively named the tool the SourceSafe Password Patcher, and it can be downloaded from this location:

The tool is written entirely in C# in Microsoft .NET 2.0. I may produce a C++6 version later on for greater compatibility, but only if someone asks for it.

If you would like the source code, please ask - but as with the previous tool, you will have much more fun coding a patch yourself from the description in my first SourceSafe article, 'Is SourceSafe "Safe"?'.


No comments: