RE: SQL Server 7 question

["Aaron C. Newman" <aaron () newman-family com>]

There's really no way to decrypt it - it's a one way hash.

However you can brute force it. There are two functions you can use,
pwdencrypt and pwdcompare, to help you brute force the passwords. Read about
them on the below link.
http://www.sqlmag.com/Articles/Index.cfm?ArticleID=9809

Also there is a tool you can download to help you out:
http://www.ntsecurity.nu/toolbox/sqldict/

If you have database security questions, we have a board specifically for
database security @  http://www.appsecinc.com/cgi-bin/ubb/ultimatebb.cgi

Hope that helps and I'll see you all at BlackHat!

Aaron C. Newman
CTO/Founder
Application Security, Inc.
212-490-6022
anewman () appsecinc com
www.appsecinc.com
-Protection Where It Counts-

-----Original Message-----
From: pen-test-return-500-aaron=newman-family.com () securityfocus com
[mailto:pen-test-return-500-aaron=newman-family.com () securityfocus com]On
Behalf Of Talha, Sebastien
Sent: Monday, July 09, 2001 10:35 AM
To: 'pen-test () securityfocus com'
Subject: SQL Server 7 question


Hey All,

I've a user account + hashed password of an SQL Server 7 account and would
like to decrypt that password: do you know any tool or method to do so ???
thanks in advance.
loks



----------------------------------------------------------------------------
----------

This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service
For more information on SecurityFocus' SIA service which automatically
alerts you to
the latest security vulnerabilities please see:

https://alerts.securityfocus.com/



--------------------------------------------------------------------------------------

This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service
For more information on SecurityFocus' SIA service which automatically alerts you to 
the latest security vulnerabilities please see:

https://alerts.securityfocus.com/