hi,
The password hashes generated by pwdencrypt() for SQL7.0 & SQL2000 are
different. The password hash generated for SQL 2000 stores both the actual
passsword & it's upper case version (David Litchfield's article on cracking
SQL passwords). But the passwor hash for SQL 7.0 is of 16 bytes only. I
wanted to use the pwdencrypt() to generate the password hashes but want to
verify the values without sending the 'pwdcompare()' query to server. I
could do it for SQL 2000 but the SQL 7.0 hashes seems to be different.
Thanks.
Ajey.Those undocumented xp shouldn't be used in production. They're not supported
and subject to change by MS without notice (which has been changed in the
past). If you're looking a way to hash your password, take a look at this
udf (courtesy of Steve Kass).
http://groups.google.co.uk/groups?q...58-E7ADEA79360F
-oj
"Ajey" <ajey5@.hotmail.com> wrote in message
news:OuaWKJ2BFHA.2568@.TK2MSFTNGP10.phx.gbl...
> hi,
> The password hashes generated by pwdencrypt() for SQL7.0 & SQL2000 are
> different. The password hash generated for SQL 2000 stores both the actual
> passsword & it's upper case version (David Litchfield's article on
> cracking
> SQL passwords). But the passwor hash for SQL 7.0 is of 16 bytes only. I
> wanted to use the pwdencrypt() to generate the password hashes but want to
> verify the values without sending the 'pwdcompare()' query to server. I
> could do it for SQL 2000 but the SQL 7.0 hashes seems to be different.
> Thanks.
> Ajey.
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment