[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list]
Date: Fri, 15 Sep 2006 03:25:15 +0400
From: Solar Designer <solar@...nwall.com>
To: john-users@...ts.openwall.com
Subject: Re: MS SQL 2000 Password Recovery
On Thu, Sep 14, 2006 at 12:49:17PM -0600, TFowler@....org wrote:
> Has anyone tried to recover SQL passwords from a master.mdf?
There's an unofficial patch for John the Ripper to support MS SQL
password hashes:
http://www.banquise.net/misc/patch-john.html
and it's been briefly mentioned on this mailing list:
http://www.openwall.com/lists/john-users/2005/12/09/1
Erik - any reason why this is not in the jumbo patches? ;-) (I mean the
working non-vectorized version.)
Also relevant is this paper which explains the hashing method:
http://www.nextgenss.com/papers/cracking-sql-passwords.pdf
Oh, and Google found this video on "MS SQL Preauth Attack, Pwdump and
John the Ripper":
http://www.ethicalhacker.net/content/view/75/24/
No, this last one is not about cracking MS SQL hashes, unfortunately.
--
Alexander Peslyak <solar at openwall.com>
GPG key ID: 5B341F15 fp: B3FB 63F4 D7A3 BCCC 6F6E FC55 A2FC 027C 5B34 1F15
http://www.openwall.com - bringing security into open computing environments
--
To unsubscribe, e-mail john-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux