[NT] Weak Password Encryption Scheme (Modified) in MS SQL Server

From: support@securiteam.com
To: list@securiteam.com
Date: 5 Nov 2002 09:41:12 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

Weak Password Encryption Scheme (Modified) in MS SQL Server


MS SQL Server has two means of authenticating users. One uses Windows
Authentication, and the other is the built-in SQL Authentication (which
includes the 'sa' account). The passwords for the SQL Authentication are
sent over the network using a very weak password encryption method. This
was first mentioned in David Litchfield's paper "Threat Profiling
Microsoft SQL Server".


In his paper, Mr. Litchfield states that the password is encrypted by
first converting it into UNICODE and then performing a simple XOR
operation. A quote directly from there:

"Network Sniffing
When a user connects to an SQL Server and authenticates as an SQL login,
as opposed to a Windows NT/2000 user, their login name and password are
sent across the network wire in what is tantamount to clear text. The
'encryption' scheme used to hide the password is a simple bitwise XOR
operation. The password is converted to a wide character format, or
UNICODE, and each byte XOR'd with a constant fixed value of 0xA5. Of
course, this is easy to work out because every second byte of the
'encrypted' password on the wire is 0xA5 and we know that the password is
in UNICODE with every second byte being a NULL and when any number is
XOR'd with 0 (or NULL) the result is the same: 0x41 xor 0x00 = 0x41, 0xA5
xor 0x00 = 0xA5."

However, there is a slight inaccuracy in this description which we detail
below. We have determined that the actual XORing method involves an
additional step.

Step 1: The password is converted into UNICODE (two bytes per character).

Step 2 (additional): For each byte of the password, the four Most
Significant Bits (MSB) are swapped with the four Least Significant Bits
(LSB).

Step 3: The modified byte is then XORed with 0xA5.

In the case of the alternating UNICODE 0x00 bytes, swapping the 4 MSB with
the 4 LSB makes no difference (0x00 stays 0x00, so those bytes still appear
as 0xA5 on the wire, exactly as Mr. Litchfield observed). For the remaining
bytes, however, the swap does change the value, so an XOR with 0xA5 alone
does not recover the original character.
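The three steps above, written out as an added Python illustration (this is not code from the advisory or from Microsoft; the function names, the sample passwords and the detection heuristic are this example's own). It shows why the scheme is obfuscation rather than encryption, that the nibble swap is what Mr. Litchfield's XOR-only description misses, and gives the check an analyst can run over a captured login field to recognise the pattern (every second byte equal to 0xA5) when reviewing traffic from a server that still accepts SQL Authentication.

```python
# Added example: MS SQL Server SQL-login password obfuscation as the
# advisory describes it (UNICODE -> nibble swap -> XOR 0xA5), its inverse,
# and a comparison with the XOR-only description. Not vendor code.

XOR_KEY = 0xA5  # fixed constant named in the advisory


def _swap_nibbles(b: int) -> int:
    """Step 2: exchange the four most and four least significant bits."""
    return ((b & 0x0F) << 4) | (b >> 4)


def obfuscate_password(password: str) -> bytes:
    """Steps 1-3: UNICODE (UTF-16LE), swap nibbles, XOR each byte with 0xA5."""
    raw = password.encode("utf-16-le")            # Step 1
    return bytes((_swap_nibbles(b) ^ XOR_KEY) for b in raw)  # Steps 2 and 3


def deobfuscate_password(wire: bytes) -> str:
    """Inverse: undo the XOR, undo the swap, decode the UNICODE bytes."""
    raw = bytes(_swap_nibbles(b ^ XOR_KEY) for b in wire)
    return raw.decode("utf-16-le")


def xor_only_decode(wire: bytes) -> bytes:
    """The XOR-only reversal from the original whitepaper, for comparison.
    It recovers the 0x00 bytes correctly but not the character bytes."""
    return bytes(b ^ XOR_KEY for b in wire)


def looks_like_obfuscated_sql_password(field: bytes) -> bool:
    """Detection heuristic (constructed for this example): a UNICODE password
    put through this scheme has 0xA5 in every odd position, because the
    UNICODE NULL survives the swap and XORs to 0xA5. A hit means an SQL
    Authentication login, the thing the advisory recommends disabling."""
    if len(field) < 2 or len(field) % 2:
        return False
    return all(field[i] == XOR_KEY for i in range(1, len(field), 2))


if __name__ == "__main__":
    # Constructed sample value; 'sa' is the built-in account the advisory mentions.
    wire = obfuscate_password("sa")
    print("on the wire      :", wire.hex())                 # 92a5b3a5
    print("full reversal    :", deobfuscate_password(wire))
    print("XOR-only reversal:", xor_only_decode(wire).hex())  # 37003600, not 's','a'
    print("looks obfuscated :", looks_like_obfuscated_sql_password(wire))
```

The `xor_only_decode` line is the whole point of the advisory: 's' (0x73) becomes 0x37 after the swap and 0x92 after the XOR, so XORing 0x92 with 0xA5 gives back 0x37, not 0x73. The heuristic is deliberately coarse (any even-length byte string with 0xA5 in every odd slot matches) and is meant for flagging SQL-login traffic in a capture for review, not for proving what the bytes are.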

Vendor Response:
K. K. Mookhey did not contact the vendor, Microsoft, as this is not exactly
something new. However, K. K. Mookhey did contact Mr. Litchfield, informing
him about the slight modification to the original statement in his
whitepaper. K. K. Mookhey did not receive any response from him.

Suggested Workarounds:
There is nothing new to be done here beyond what ought to be done anyway
when hardening an MS SQL Server: do NOT use SQL Server Authentication; use
Windows Authentication instead. This is strongly recommended by Microsoft.


This advisory is available online at:

The information has been provided by <mailto:cto@nii.co.in> K. K. Mookhey.


This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com


The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
