RE: SQL passwords



I've had success with SQLLHF in the past
A quick google search will yield a wealth of information.

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of pmaneedham@xxxxxxxxxxx
Sent: Tuesday, October 27, 2009 2:02 PM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: SQL passwords


Hi All,

Are there any penetration testing / commercial cracking tools on the market,
or freebies, where we could export the password hashes directly from our SQL
tables (sys.syslogins) and crack the passwords offline, so not to affect our
live servers? Any pointers would be great.

Thanks
--
View this message in context: http://www.nabble.com/SQL-passwords-tp26077906p26077906.html
Sent from the Penetration Testing mailing list archive at Nabble.com.


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------



Relevant Pages

  • RE: SQL passwords
    ... Subject: SQL passwords ... tables and crack the passwords offline, ... Sent from the Penetration Testing mailing list archive at Nabble.com. ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: SQL passwords
    ... Cain & Abel is able to crack SQL passwords offline. ... Sent from the Penetration Testing mailing list archive at Nabble.com. ... Information Assurance Certification Review Board ...
    (Pen-Test)
  • Re: Best route to penetration testing learning
    ... was interested in that because it had the 'real' hands on labs and then a ... I'm new to penetration testing and recently took the CEH. ... Information Assurance Certification Review ... actually do a proper penetration test. ...
    (Pen-Test)
  • RE: Internal Penetration Testing
    ... I use the same ones that I use to test the perimeter systems of our network. ... Subject: Internal Penetration Testing ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ...
    (Pen-Test)
  • Re: password auditing
    ... I plan on using john-the-ripper (unix passwords) ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ...
    (Pen-Test)