[GLLUG] Reading/converting unknown database file

Henrik Morsing henrik at morsing.cc
Thu Sep 26 11:25:31 UTC 2024 

On Wed, Sep 25, 2024 at 09:51:31PM +0100, Damion Yates wrote:
>I'm not convinced this is compressed, especially based on the initial hex
>dump in the OP.  Continue the hd and look for more utf-16 strings later, or
>generally repetitive blocks that you'd expect to be compressed away.  Or
>gzip it and see if it shrinks more that a few percent, which should be
>unlikely if already compressed.  Of course, it still could be compressed
>later on, but this doesn't necessarily get you closer to recognising the
>uncompressed format, if it's inhouse/bespoke.  That said it's reminiscent
>to sqlite, which would make a lot of sense for this type of database.
>
>There are a few approaches I'd try next:
>
>Create records with very known data, like all 'A's or 0123456789 in various
>fields.  You can then try and determine where that ends up when expected.
>Working out the offsets to the various data segments from the hex will be
>challenging, I used to crack 8bit game loaders in the late 1900s by
>starring at hex dumps for hours.  But as nostalgic, as that sounds, I would
>probably approach this using another technique.
>
>Ask for the format details from the company... Job done.  At they're moving
>to a web system, maybe they consider their old binary abandonware and don't
>care now.
>
>Next up, run a decompiler/disassembler over the binary.  It'll still be a
>nightmare but you might be able to trace through to how the data is dumped
>into the on disc format.  You could also maybe try running under gdb to
>step through the db population part.
>
>Finally, I'd play around with xdotool, have it open each record, copy to
>clipboard, switch to another tool (e.g. a simple gedit window) and paste.
>Run this for a few hours to extract the data.  You might not like the web
>app, but if it can import your data then a web-based manipulation tool
>could also scrape the data back out.
>
> HtH, Good luck!
>
> - Damion
>

Gosh, that's very complicated but I'll have a think. TBH, being a Windows app, I started looking at common file-backed DBs Windows developers might use as an equivalent to SQLite and a quick Google mentioned a handful. I might download them and try.

Regards,
Henrik Morsing

More information about the GLLUG mailing list