Extracting Sql Passwords From Local?

Full Version: Extracting Sql Passwords From Local?

GovernmentSecurity.org > The Archives > General Network Security

mrfastass

May 5 2004, 08:53 AM

i got into a box with microsoft sql 2000 server (got in, in another way).
i wanna get the current password, and i dont like brute-forcing, im not barbarian hehehehe ;]

any ideas?

DarkieD

May 5 2004, 09:48 AM

It might still be stored in the logs

QUOTE

Microsoft thanks the following customers for working with us to protect customers:

. Gordon Newman of PeopleSoft for reporting the presence of the password in sqlsp.log

. Akintunde Oluwaleimu for reporting the presence of the password in setup.iss

MadMaddy

May 5 2004, 01:01 PM

well what kinda of axx do you have to this box? you can always stick on a keylogger. At that, alot of backdoors have keyloggers built into them, you just have to enable it

mrfastass

May 6 2004, 03:48 AM

i got admin rights on it, but still need the sql password

i found only the file
setup.iss
which seems 2 be containing the account+pass the sql server it-self uses 2 do its stuff in the box.

i need the sa/? pass

btw, here's an example 2 one of those sql Pwds:

SQLDomain=IPD.........
SQLDomainAcct=SQLUser
SQLDomainPwd=135b2f89aea2c8f60dc6f0541df7
AgtDomain=IPD.........
AgtDomainAcct=SQLUser
AgtDomainPwd=135b2f89aea2c8f60dc6f0541df7

how do i crack it? brute force i'd say, but with which tool?

(hehe getting from one question 2 another)

oh and DarkieD, can u plz post the url address where u got this quote from? tnx =)

KeeBLeR904

May 6 2004, 09:30 PM

CAIN can i think

Killaloop

May 7 2004, 09:17 AM

QUOTE (mrfastass @ May 6 2004, 03:48 AM)

the passwords you got out of the file are only hashes and need to be cracked.
there is a tool which extracts the hashes out of registry when you got local admin rights and bruteforces onthem. works hyperfast and is the only program (I know of) that supports mssql hasing algorithm.

hxxp://www.nextgenss.com/sqlcrack.htm

lee

May 7 2004, 11:36 AM

I´ve heard it´s possible to look out for .asp pages, its possibly that the login data for the sql stored in these sites...no hash, directly if the admin dont use tools to stealth the data.
But i´m not sure, can anyone tell more?

VannDeR

May 11 2004, 09:45 PM

what is the way to know the phpnuke version?
at http://hack-it.unex.es/level4-res.php there is a php with a bug, what is the way to find it?

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.