[TOOL] SQL Server Password Auditing Tool

From: support@securiteam.com
Date: 07/13/02


From: support@securiteam.com
To: list@securiteam.com
Date: Sat, 13 Jul 2002 00:02:53 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

  SQL Server Password Auditing Tool
------------------------------------------------------------------------

DETAILS

This tool audits the strength of Microsoft SQL Server passwords offline.
It can be run either in brute-force mode or in dictionary attack mode.
Performance on a 1 GHz Pentium (256 MB) is around 750 000 guesses/sec.

To perform an audit, one needs the password hashes that are stored in the
sysxlogins table in the master database. The program expects them in a
text file, one entry per line, in the following format (see the included
file hashes.txt):

<username>,<hash>

The hashes are easy to retrieve, although you need a privileged account to
do so, such as the sa account. The query to use in this case is:

select name, password from master..sysxlogins

To perform a dictionary attack on the retrieved hashes:

sqlbf -u hashes.txt -d dictionary.dic -r out.rep

This will run the dictionary.dic against the hashes in the hashes.txt file
and report found matches in the out.rep file.

To perform a bruteforce attack on the retrieved hashes:

sqlbf -u hashes.txt -c default.cm -r out.rep

This will try to brute-force the passwords using the supplied character
set (see default.cm) and write the results to out.rep.
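
Before hashes are exported for the offline audit described above, an administrator can screen for the weakest cases directly on the server. The query below is an added example, not part of the advisory or of sqlbf. It assumes SQL Server 2000, a sysadmin login, the PWDCOMPARE function, and that in sysxlogins a NULL srvid marks a local login and xstatus bit 4 marks a Windows account; the banned-password list is constructed sample data.

```sql
-- Added example: server-side screening for trivially weak SQL logins.
-- Assumptions (not from the advisory): SQL Server 2000, sysadmin rights,
-- PWDCOMPARE(clear_text, hash) returns 1 on a match, srvid IS NULL selects
-- local logins, and (xstatus & 4) = 4 identifies Windows users/groups.

-- Constructed sample list; replace with the site's own banned passwords.
DECLARE @banned TABLE (candidate sysname NOT NULL)
INSERT INTO @banned VALUES ('password')
INSERT INTO @banned VALUES ('sa')
INSERT INTO @banned VALUES ('sql')
INSERT INTO @banned VALUES ('changeme')

-- 1. SQL logins with no password stored at all.
SELECT l.name AS login_name, 'blank password' AS finding
FROM master..sysxlogins l
WHERE l.srvid IS NULL
  AND (l.xstatus & 4) = 0          -- skip Windows accounts, which store no hash
  AND l.name IS NOT NULL
  AND l.password IS NULL

UNION ALL

-- 2. SQL logins whose password is the same as the login name.
SELECT l.name, 'password equals login name'
FROM master..sysxlogins l
WHERE l.srvid IS NULL
  AND (l.xstatus & 4) = 0
  AND l.password IS NOT NULL
  AND PWDCOMPARE(l.name, l.password) = 1

UNION ALL

-- 3. SQL logins whose password appears on the banned list.
SELECT l.name, 'password on banned list'
FROM master..sysxlogins l
JOIN @banned b
  ON PWDCOMPARE(b.candidate, l.password) = 1
WHERE l.srvid IS NULL
  AND (l.xstatus & 4) = 0
  AND l.password IS NOT NULL

ORDER BY login_name
```

Logins reported here can have their passwords reset before the hashes are exported, which leaves the offline run to find the less obvious weak passwords.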

ADDITIONAL INFORMATION

The tool can be downloaded from:
http://www.cqure.net/tools10.html

The information has been provided by Tonio Pirotta <tonio@anixis.com>.
