Re: SQL passwords

[Nikhil Wagholikar <visitnikhil () gmail com>]

Hello Pmaneedham,

One of the tools for offline SQL password hashes cracking, which comes
to my mind quickly is 'Cain and Abel'.

More Info: http://www.oxid.it/cain.html

---
Nikhil Wagholikar
Practice Lead | Security Assessments & Digital Forensics
Network Intelligence India Pvt. Ltd. [NII Consulting]
Web: http://www.niiconsulting.com/
Comprehensive Information Security Training
http://iisecurity.in/courses/Training Calendar.html

2009/10/27 pma111 <pmaneedham () hotmail com>
> Hi All,
>
> Are there any penetration testing / commercial cracking tools on the market,
> or freebies, where we could export the password hashes directly from our SQL
> tables (sys.syslogins) and crack the passwords offline, so not to affect our
> live servers? Any pointers would be great.
>
> Thanks
> --
> View this message in context: http://www.nabble.com/SQL-passwords-tp26077906p26077906.html
> Sent from the Penetration Testing mailing list archive at Nabble.com.
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------