On the level of the server, let’s go to the security.So guys, if that sounds interesting, you want to know how to extract and crack SQL server logins, passwords, stay with us and watch the full episode. The worst thing is when you hard code something in your software. This the same password and no one is changing those passwords. The same is with the connection strings that software developers are using one password and then it’s stored and copied to all other machines.
What if, for example, one of the persons is fired from the company? The password probably isn’t changed, like for the SA account.Įxactly. We just set them up once and they are always like this.
We just don’t change passwords of SQL server logins. The SQL server, it’s not a very popular subject, but there’s a little problem almost in every infrastructure out there. This subject is very relevant, especially because when we are used to cracking password hashes in let’s say, Windows environment, we all know how to do that. SQL server is a popular and very important service It’s very important that users are aware that using simple passwords will allow you to bypass your security and to get to your data, which is very valuable. Of course, you can do it inside the SQL server and use other tools. Today I’ll show you how to get those hashes from the SQL server and how you can check if your users are using long passwords or if those passwords are easy to crack by using dictionary attacks. It’s going to be lead by Mike, a fantastic SQL Server and SQL server security specialist. This episode is going to be about extracting hashes from SQL server logins from the database and also cracking them.
0 kommentar(er)
