The format of the file is as follows (as of MySQL 5.6.7-RC):
- 4 Bytes Zero (Version Information)
- 20 Bytes Key Generation Matter
- Repeated:
- 4 Bytes Length information
- Length bytes crypted matter. The crypt is done using the AES ENCRYPT function, which in itself is insecure: It is an aes-128-ecb with a NULL IV.
The key used by AES 128 needs to be CHAR(16), but the function accepts any string as a key generation matter. It generates the key from the key generation matter by xor-ing the key generation matter onto itself in a 16 byte loop, starting with a buffer of NULL bytes.
In Code:
Continue reading ".mylogin.cnf password recovery"