How to crack the SQL Login password from sys.syslogins

03 February,2015 by Jack Vamvas

A fellow DBA forgot the password for a SQL login and hadn’t lodged the password in the Password vault. One option was to change the SQL login but as the SQL Server instance supported  Production applications , it was important to maintain uptime , he didn’t want to ask the application owners to modify the password on the connection strings. He’d use this method as a last resort

He requested if I knew how to crack the SQL login password. There a number of methods to crack passwords. Methods employed by hackers are used to break into SQL Servers , particularly if the sa password is NULL or is a weak password. More about the dangers of weak passwords,10 million passwords unmasked

A typical method is to Brute Force the login password with common list of passwords. There are plenty of lists involved. Once the sa password is cracked , it doesn’t take much to take control of xp_cmdshell, and then it’s party time!

This method gave me an idea. I mentioned to the DBA the possibility of comparing the password encoded values with some “potential” passwords he may have set up, Such as common patterns.

He could use some password options and employ the pwdcompare function. 

How to use  pwdcompare and find the  SQL login password.

If the password attempt matches a password in sys.syslogins , the username is returned.

 

SELECT name FROM sys.syslogins
WHERE pwdcompare('my_password', password) = 1


Read More securing SQL Server and protection against hackers

Find Weak passwords in SQL Server - SQL Server DBA

Database Security Countermeasures against hacker attacks - SQL ...

SQL Server Security Policy - SQL Server DBA


Author: Jack Vamvas (http://www.sqlserver-dba.com)


Share:

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment on How to crack the SQL Login password from sys.syslogins


sqlserver-dba.com | SQL Server Performance Tuning | SQL Server DBA:Everything | FAQ | Contact|Copyright & Disclaimer