There's really no way to decrypt it - it's a one way hash. However you can brute force it. There are two functions you can use, pwdencrypt and pwdcompare, to help you brute force the passwords. Read about them on the below link. http://www.sqlmag.com/Articles/Index.cfm?ArticleID=9809 Also there is a tool you can download to help you out: http://www.ntsecurity.nu/toolbox/sqldict/ If you have database security questions, we have a board specifically for database security @ http://www.appsecinc.com/cgi-bin/ubb/ultimatebb.cgi Hope that helps and I'll see you all at BlackHat! Aaron C. Newman CTO/Founder Application Security, Inc. 212-490-6022 anewmanat_private www.appsecinc.com -Protection Where It Counts- -----Original Message----- From: pen-test-return-500-aaron=newman-family.comat_private [mailto:pen-test-return-500-aaron=newman-family.comat_private]On Behalf Of Talha, Sebastien Sent: Monday, July 09, 2001 10:35 AM To: 'pen-testat_private' Subject: SQL Server 7 question Hey All, I've a user account + hashed password of an SQL Server 7 account and would like to decrypt that password: do you know any tool or method to do so ??? thanks in advance. loks ---------------------------------------------------------------------------- ---------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ -------------------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Tue Jul 10 2001 - 07:40:02 PDT