[GLLUG] Reading/converting unknown database file

James Dutton james.dutton at gmail.com
Thu Sep 26 12:28:12 UTC 2024


Hi,

This is about a Windows program so a little off topic here.
Windows programs that use databases can choose from a wide variety of
databases and formats.
Hopefully the program is not a big binary blob, and instead it uses a few DLLs.
One of the DLLs might be the database API. You could then write a
program that uses the DLL to access the data.
Would you be able to post a file list of the entire application
directory, so we can see all the exe and dlls etc. that are included
when you install the program?
Or point us to a url to download the program.

Just looking at the database dump in your email.
It looks like a TLV format.
Type - 1 byte
Length - 1 byte
Value -  "length" bytes.

> 00000000  06 0e 43 6f 6c 6c 65 63  74 6f 72 7a 2e 63 6f 6d  |..Collectorz.com|
> 00000010  06 05 4d 75 73 69 63 03  4a 01 03 5e 08 02 01 04  |..Music.J..^....|
> 00000020  a3 86 01 00 02 26 7b 00  35 00 37 00 44 00 45 00  |.....&{.5.7.D.E.|
> 00000030  45 00 34 00 41 00 34 00  2d 00 31 00 38 00 41 00  |E.4.A.4.-.1.8.A.|
> 00000040  30 00 2d 00 34 00 36 00  45 00 32 00 2d 00 42 00  |0.-.4.6.E.2.-.B.|
> 00000050  34 00 31 00 46 00 2d 00  34 00 45 00 30 00 41 00  |4.1.F.-.4.E.0.A.|
> 00000060  30 00 30 00 46 00 39 00  34 00 42 00 32 00 34 00  |0.0.F.9.4.B.2.4.|
> 00000070  7d 00 03 6f 02 04 3c 6e  05 00 02 03 01 00 01 02  |}..o..<n........|
> 00000080  00 02 00 02 0c 64 00 61  00 74 00 61 00 62 00 61  |.....d.a.t.a.b.a|
> 00000090  00 73 00 65 00 2e 00 6d  00 75 00 63 00 02 08 43  |.s.e...m.u.c...C|
> 000000a0  00 4c 00 5a 00 2d 00 30  00 30 00 30 00 30 00 00  |.L.Z.-.0.0.0.0..|
> 000000b0  02 00 01 00 01 00 01 03  e8 00 02 00 02 00 02 00  |................|

06 0e 43 6f 6c 6c 65 63  74 6f 72 7a 2e 63 6f 6d
Type:06
Length: 0e == 14 chars. "Collectorz.com"
06 05 4d 75 73 69 63
Type: 06
Length: 05 =  5 chars. "Music"

After that the encoding changes a bit:
03  4a 01 03 5e 08 02 01 04
Then another block of TLV, with type:02, length 0x26 but the value
being 2-byte unicode chars, thus 0x26*2 bytes long (A GUID in this
case):
                    02 26 7b 00  35 00 37 00 44 00 45 00  |.....&{.5.7.D.E.|
> 00000030  45 00 34 00 41 00 34 00  2d 00 31 00 38 00 41 00  |E.4.A.4.-.1.8.A.|
> 00000040  30 00 2d 00 34 00 36 00  45 00 32 00 2d 00 42 00  |0.-.4.6.E.2.-.B.|
> 00000050  34 00 31 00 46 00 2d 00  34 00 45 00 30 00 41 00  |4.1.F.-.4.E.0.A.|
> 00000060  30 00 30 00 46 00 39 00  34 00 42 00 32 00 34 00  |0.0.F.9.4.B.2.4.|
> 00000070  7d 00
So, how one interprets the length field is dependent on the type.

TLV can also be hierarchical, with a set of values contained inside another TLV.
So, one of the types might mean a "record", and then inside that will
be the TLVs for each field.

TLV is used widely in data formats. For example, it is used in the
RADIUS protocol.


Some questions I would have for the app.
Can any of the fields contain more than 255 chars? Because the file
format seems to indicate otherwise.

Summary:
The file is not compressed, and probably quite an easy format to
decode, once you work out what all the types are.
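
The two record types identified above, decoded from the first 0x80 bytes of the quoted dump; this is an added example, not part of the original post or the application's own code. The name `parse_tlv` is an assumption; the function stops at the first type it does not recognise instead of guessing, and rejects a length that runs past the end of the data.

```python
# Bytes 0x00-0x7f, copied from the hex dump quoted in the post.
DUMP = bytes.fromhex(
    "060e436f6c6c6563746f727a2e636f6d"
    "06054d75736963034a01035e08020104"
    "a386010002267b003500370044004500"
    "45003400410034002d00310038004100"
    "30002d0034003600450032002d004200"
    "3400310046002d003400450030004100"
    "30003000460039003400420032003400"
    "7d00036f02043c6e0500020301000102"
)

def parse_tlv(buf, offset=0):
    """Decode records starting at `offset`.

    Only the two types worked out in the post are handled:
      0x06: length counts single bytes (ASCII text)
      0x02: length counts 2-byte characters (UTF-16LE text)
    Returns (records, stop_offset); stop_offset is where decoding ended,
    either at the end of the data or at the first unrecognised type.
    """
    records = []
    while offset + 2 <= len(buf):
        rtype, length = buf[offset], buf[offset + 1]
        if rtype == 0x06:
            size, codec = length, "ascii"
        elif rtype == 0x02:
            size, codec = length * 2, "utf-16-le"
        else:
            break  # unknown type: its length rule is not known, so stop
        end = offset + 2 + size
        if end > len(buf):
            # Truncated or corrupt file: never read past the buffer.
            raise ValueError(f"record at {offset:#x} claims {size} bytes, "
                             f"only {len(buf) - offset - 2} available")
        text = buf[offset + 2:end].decode(codec, errors="backslashreplace")
        records.append((offset, rtype, text))
        offset = end
    return records, offset

if __name__ == "__main__":
    for start in (0x00, 0x24):
        recs, stop = parse_tlv(DUMP, start)
        for off, rtype, text in recs:
            print(f"{off:#06x} type={rtype:#04x} {text!r}")
        if stop < len(DUMP):
            print(f"{stop:#06x} stopped: type {DUMP[stop]:#04x} not decoded")
```
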


