======PrimeBase Database Poor File Permissions and Crypt() Hash======


    http://www.firebirdsql.org
    or affiliated sites:
    http://www.ibphoenix.com
 
 
      The Firebird(tm) database engine is derived from the InterBase(r)
      product currently owned by Borland.  The documentation for
      InterBase v 6.0 applies also to the current FireBird release.
      InterBase documentation is available in Adobe Acrobat format from
      http://info.borland.com/techpubs/interbase/."
 
 
      The "information database" stored in the file isc4.gdb is read and
      writeable for all users with the default rpm installation of
      Firebird-1.0.3 for Linux. 

 [root@Fester interbase]# ls -l /opt/interbase/isc4.gdb
 -rw-rw-rw-    1 root     root       618497 Jun  8 14:44 /opt/interbase/isc4.gdb

This file contains the password hashes and usernames for the firebird database. The passwords are hashed twice, once  with the static salt "9z" and a second
time with the returned crypt text minus the salt.


crypt(&crypt(user_password,"9z")[2],"9z")