Penetration Testing mailing list archives
Re: SQL passwords
From: jasonbriggs76 <bcbc9001 () gmail com>
Date: Wed, 28 Oct 2009 22:08:27 -0700 (PDT)
According to your query secure auditor seems like a viable solution. it fetches hashes automatically for sql 2000, 2005 & 2008 which you can dictionary attack or brute force to crack. http://www.secure-bytes.com/register.php http://www.secure-bytes.com/register.php JB pma111 wrote:
Hi All, Are there any penetration testing / commercial cracking tools on the market, or freebies, where we could export the password hashes directly from our SQL tables (sys.syslogins) and crack the passwords offline, so not to affect our live servers? Any pointers would be great. Thanks
-- View this message in context: http://www.nabble.com/SQL-passwords-tp26077906p26105559.html Sent from the Penetration Testing mailing list archive at Nabble.com. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: SQL passwords jasonbriggs76 (Nov 02)
- <Possible follow-ups>
- Re: SQL passwords pma111 (Nov 04)
- Re: SQL passwords Martin Rublik (Nov 05)