Penetration Testing mailing list archives

Re: SQL passwords

From: Elizabeth Greene <elizabeth.a.greene () gmail com>
Date: Tue, 27 Oct 2009 14:17:36 -0500

Cain will crack these.
http://pctechtips.org/pentesting-ms-sql-server-with-sqlat-and-cain/

where we could export the password hashes directly from our SQL
tables (sys.syslogins) and crack the passwords offline,


-ellie

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

SQL passwords pma111 (Oct 27)
- Re: SQL passwords Yannick Hamon (Oct 28)
- RE: SQL passwords Paul Melson (Oct 28)
- Re: SQL passwords Nikhil Wagholikar (Oct 28)
- Re: SQL passwords Wasim Halani (Oct 28)
- Re: SQL passwords Martin Rublik (Oct 28)
- <Possible follow-ups>
- RE: SQL passwords DUSTIN.TANNER (Oct 28)
- Re: SQL passwords Elizabeth Greene (Oct 28)
- RE: SQL passwords Security Email (Oct 28)