MS SQL Server

For SQL Server databases, the password hash incorporates the password and a random value called the salt. First, the password is converted to its Unicode version. Then the salt is appended to the end. This string is then passed to the hashing function, which produces a hash using the Secure Hash Algorithm (SHA). For additional compatibility, a second hash is also produced. This second hash is created from the uppercase version of the password string concatenated with the salt. Since this second hash only incorporates uppercase characters, the key space is reduced, making brute-force attacks more effective. Because the hash includes a random salt value, a rainbow table must include an entry for each possible salt value, making it that many times larger.
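
The scheme described above can be reproduced to show why the uppercase compatibility hash is the weak part and why it should not be kept. This is an added example, not code from the original page or from Microsoft; it assumes SHA-1, UTF-16LE for the "Unicode version", a 4-byte salt and a `0x0100` header, and the sample passwords are constructed.

```python
import hashlib
import os
import string

SALT_LEN = 4  # assumption: 4-byte random salt


def sha_with_salt(text: str, salt: bytes) -> bytes:
    # Password converted to Unicode (assumed UTF-16LE), salt appended, then SHA-1.
    return hashlib.sha1(text.encode("utf-16-le") + salt).digest()


def password_hashes(password: str, salt: bytes) -> tuple:
    """Return (case-sensitive hash, uppercase compatibility hash)."""
    return sha_with_salt(password, salt), sha_with_salt(password.upper(), salt)


def stored_value(password: str, salt: bytes) -> str:
    # Assumed layout: header | salt | case-sensitive hash | uppercase hash
    mixed, upper = password_hashes(password, salt)
    return "0x0100" + (salt + mixed + upper).hex().upper()


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of candidate passwords of exactly `length` characters."""
    return alphabet_size ** length


def uppercase_reduction(length: int) -> float:
    """How many times smaller the search space is for the uppercase hash,
    for passwords made of letters and digits only."""
    full = len(string.ascii_letters + string.digits)      # 62 symbols
    folded = len(string.ascii_uppercase + string.digits)  # 36 symbols
    return keyspace(full, length) / keyspace(folded, length)


if __name__ == "__main__":
    salt = os.urandom(SALT_LEN)
    a = password_hashes("Winter2009", salt)   # constructed sample password
    b = password_hashes("wINTER2009", salt)   # same letters, different case
    print("case-sensitive hashes equal:", a[0] == b[0])
    print("uppercase hashes equal:     ", a[1] == b[1])
    # A different salt changes both hashes for the same password.
    c = password_hashes("Winter2009", os.urandom(SALT_LEN))
    print("same password, new salt, hashes equal:", a == c)
    print("stored value:", stored_value("Winter2009", salt))
    print("8-char alphanumeric reduction: %.1fx" % uppercase_reduction(8))
```

Two passwords that differ only in case share the second hash, so the case-sensitive hash adds no protection while the uppercase one is stored alongside it.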

Tools
SQL Brute Force
http://www.cqure.net/wp/?page_id=16


References
Microsoft SQL Server Passwords (Cracking the password hashes)
http://www.nextgenss.com/papers/cracking-sql-passwords.pdf

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-Share Alike 2.5 License.