SQL Server 2000:-

SELECT password from master.dbo.sysxlogins where name=’sa’

0×010034767D5C0CFA5FDCA28C4A56085E65E882E71CB0ED250341

2FD54D6119FFF04129A1D72E7C3194F7284A7F3A

0×0100- constant header

34767D5C- salt

0CFA5FDCA28C4A56085E65E882E71CB0ED250341- case senstive hash

2FD54D6119FFF04129A1D72E7C3194F7284A7F3A- upper case hash

crack the upper case hash in ‘cain and abel’ and then work the case sentive hash

SQL server 2005:-

SELECT password_hash FROM sys.sql_logins where name=’sa’

0×0100993BF2315F36CC441485B35C4D84687DC02C78B0E680411F

0×0100- constant header

993BF231-salt

5F36CC441485B35C4D84687DC02C78B0E680411F- case sensitive hash

crack case sensitive hash in cain, try brute force and dictionary based attacks.

update:-

following bernardo’s comments:-

use function fn_varbintohexstr() to cast password in a hex string.

e.g. select name from sysxlogins union all select master.dbo.fn_varbintohexstr(password)from sysxlogins

MYSQL:-

In MySQL you can generate hashes internally using the password(), md5(), or sha1 functions. password() is the function used for MySQL’s own user authentication system. It returns a 16-byte string for MySQL versions prior to 4.1, and a 41-byte string (based on a double SHA-1 hash) for versions 4.1 and up. md5() is available from MySQL version 3.23.2 and sha1() was added later in 4.0.2.

*mysql < 4.1

*mysql >=4.1

mysql> SELECT PASSWORD(‘mypass’);

+&

摘自:http://hi.baidu.com/xi4o7e?page=1

Database Password Hashes的更多相关文章

  1. 【Kata Daily 190929】Password Hashes(密码哈希)

    题目: When you sign up for an account somewhere, some websites do not actually store your password in ...

  2. Spring Security(三十三):10.3 Password Encoding

    Spring Security’s PasswordEncoder interface is used to support the use of passwords which are encode ...

  3. ORA-00988: missing or invalid password(s)

    创建账号或修改账号密码时有可能会遇到ORA-00988: missing or invalid password(s),那么什么情况下会遇到这种错误呢? 一般是因为密码的设置不符合命名规范: 1:密码 ...

  4. Database Initialization Parameters for Oracle E-Business Suite Release 12 (文档 ID 396009.1)

    In This Document Section 1: Common Database Initialization Parameters For All Releases Section 2: Re ...

  5. Database Initialization Parameters for Oracle E-Business Suite Release 12

    In This Document Section 1: Common Database Initialization Parameters For All Releases Section 2: Re ...

  6. HUE配置文件hue.ini 的database模块详解(包含qlite、mysql、 psql、和oracle)(图文详解)(分HA集群和非HA集群)

    不多说,直接上干货! Hue配置文件里,提及到,提供有postgresql_psycopg2, mysql, sqlite3 or oracle. 注意:Hue本身用到的是sqlite3. 在哪里呢, ...

  7. Kali-linux破解LM Hashes密码

    LM(LAN Manager)Hash是Windows操作系统最早使用的密码哈希算法之一.在Windows 2000.XP.Vista和Windows 7中使用了更先进的NTLMv2之前,这是唯一可用 ...

  8. RMAN 'Duplicate From Active Database' Feature in Oracle11g (Doc ID 452868.1)

    RMAN 'Duplicate From Active Database' Feature in Oracle11g (Doc ID 452868.1) APPLIES TO: Oracle Data ...

  9. GitHub: Oracle RAC Database on Docker 未测试 改天试试

    https://github.com/oracle/docker-images/blob/master/OracleDatabase/RAC/OracleRealApplicationClusters ...

随机推荐

  1. js中的预加载与懒加载(延迟加载)

    js中加载分两种:预加载与延迟加载 一.  预加载,增强用户的体验,但会加载服务器的负担.一般会使用多种 CSS(background).JS(Image).HTML(<img />) . ...

  2. C++ 栈的基本操作

    // zhan.cpp : 定义控制台应用程序的入口点. // #include "stdafx.h" #include <iostream> using namesp ...

  3. PowerDesigner16建表在SQL SERVER 2008报 对象名 'sysproperties' 无效。

    http://blog.itpub.net/30150152/viewspace-1454979/

  4. JS案例之4——Ajax多图上传

    近期项目中有好几次用到多图上传,第一次在项目中真正用到Ajax技术,稍微整理了下,贴个案例出来. 我们传统的做法是当用户提交一个表单时,就向web服务器端发送一个请求.服务器接受并处理传来的表单信息, ...

  5. vbs实现的支持拖动的txt文本切割器

    vbs实现的支持拖动的txt文本切割器 作者: 字体:[增加 减小] 类型:转载 时间:2008-06-20我要评论 用vbs实现的txt文本文件切割器,默认为8000个字符切为一个文件.支持拖动. ...

  6. WebSocket使用教程 2

    WebSocket使用教程 - 带完整实例 收藏 james_laughing 发表于 2年前 阅读 46438 收藏 23 点赞 5 评论 4 摘要: WebSocket使用教程 - 带完整实例 什 ...

  7. LeetCode:Remove Duplicates from Sorted List I II

    LeetCode:Remove Duplicates from Sorted List Given a sorted linked list, delete all duplicates such t ...

  8. 启动tomcat报错 Could not reserve enough space for object heap的解决办法

    问题:打开eclips启动tomcat发现报出Could not reserve enough space for object heap错误. 解决办法:1.首先检查tomcat是否能正常启动.re ...

  9. #Linux学习笔记# Linux文件的属性以及权限说明

    1. Linux文件的属性 关于Linux文件的属性的说明和设置请参考鸟哥Linux私房菜:Linux 的文件权限与目录配置 2. 目录和文件的权限意义 在Linux系统中,每个文件都有三种身份的权限 ...

  10. 支持Json进行操作的Javascript类库TAFFY DB

    前段时间工作中用到Json数据,希望将一些简单的增删改查放到客户端来做,这样也能减少服务器端的压力.分别查找了几个可以对Json进行操作的javascript 类库,最终选定了TAFFY DB.原因如 ...