Home page logo

pen-test logo Penetration Testing mailing list archives

Re: SQL passwords
From: jasonbriggs76 <bcbc9001 () gmail com>
Date: Wed, 28 Oct 2009 22:08:27 -0700 (PDT)

According to your query secure auditor seems like a viable solution. it
fetches hashes automatically for sql 2000, 2005 & 2008 which you can
dictionary attack or brute force to crack.



pma111 wrote:

Hi All,

Are there any penetration testing / commercial cracking tools on the
market, or freebies, where we could export the password hashes directly
from our SQL tables (sys.syslogins) and crack the passwords offline, so
not to affect our live servers? Any pointers would be great. 


View this message in context: http://www.nabble.com/SQL-passwords-tp26077906p26105559.html
Sent from the Penetration Testing mailing list archive at Nabble.com.

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]