Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase 12»»

retrieve / recover sa password Expand / Collapse
Author
Message
Posted Thursday, January 26, 2006 7:54 AM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: Tuesday, September 22, 2009 1:33 PM
Points: 11, Visits: 9

Hi all!

We just finished installing our new server with SQL Server 2005.

One of our older applications is apparently using the sa login to connect to on of the databases on the server. Not only that, the password is hard coded

As no one knows the actual sa password on the old server (SQL 2000) is there a way to retrieve / recover /transfer the sa password to the new server?

Thanks,

Yoel

 

Post #253723
Posted Thursday, January 26, 2006 8:38 AM


Keeper of the Duck

Keeper of the Duck

Group: Moderators
Last Login: 2 days ago @ 8:24 AM
Points: 6,634, Visits: 1,871
If you can do a packet trace, that's the easiest way. Otherwise you'd need a tool like SQLCrack or SQL Squirrel (from NGS Software) on the old server. If you can get a packet trace from your network guys when the application logs in, you can find the password fairly easily (assuming no encryption is going on for the connection):

An article I wrote takes you through the process of decrypting the password step-by-step:

SQL Server Security: Login Weaknesses

If you want to see the original references that detailed the weakness and how to utilize it, see the references at the bottom of the article.


K. Brian Kelley, CISA, MCSE, Security+, MVP - SQL Server
Regular Columnist (Security), SQLServerCentral.com
Author of Introduction to SQL Server: Basic Skills for Any SQL Server User
| Professional Development blog | Technical Blog | LinkedIn | Twitter
Post #253754
Posted Thursday, January 26, 2006 4:30 PM
Hall of Fame

Hall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of Fame

Group: General Forum Members
Last Login: Friday, August 8, 2014 1:35 PM
Points: 3,475, Visits: 580

Did you try SA with a blank password or SA with sa password?

Are you sure that nobody actually knows the SA password for the server?

Did you run the profiler to make sure that it is SA who is logging to the database?

What is the application code? Is it a web application, VB application? MS ACCESS? Excel? I actually know how to get the password from the Excel front end in some cases.

Did you search the server folders for the file with the word "password" ? Some developers and sysadmins document their work and the installation description or maintenance document could be actually present on the server. Also, there could be a configuration file in the application directory that contains the connection string.

Did you actually try to locate the previous support person and call him or her?




Regards,
Yelena Varshal

Post #253933
Posted Friday, January 27, 2006 6:33 AM
Grasshopper

GrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopperGrasshopper

Group: General Forum Members
Last Login: Tuesday, September 22, 2009 1:33 PM
Points: 11, Visits: 9

I tried BKellys advice and it worked great! SQLCrack gave me the password in less than 5 mintues.

Thanks all for your help!

Yoel

 

Post #254056
Posted Wednesday, July 16, 2008 10:50 PM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Tuesday, August 7, 2012 1:18 AM
Points: 1, Visits: 3
The first thing to do is to open up SQL Server Enterprise Manager and register the same server using Windows Authentication. Once the server has be registered, you can expand the Security node and open the properties of the sa account and change the 'sa' password.

Just a note: The windows account you register the SQL Server with must have admin privledges.

Post #535665
Posted Thursday, July 17, 2008 8:01 AM


SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: Tuesday, April 19, 2011 7:31 AM
Points: 2,832, Visits: 5,316
amjadpathan, while I'm sure your intentions are good, you do know you've responded to a thread that's been dormant for 30 months, don't you?


-- You can't be late until you show up.
Post #536010
Posted Friday, July 18, 2008 1:40 PM
Hall of Fame

Hall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of FameHall of Fame

Group: General Forum Members
Last Login: Thursday, July 17, 2014 10:56 AM
Points: 3,924, Visits: 1,607
tosscrosby (7/17/2008)
amjadpathan, while I'm sure your intentions are good, you do know you've responded to a thread that's been dormant for 30 months, don't you?


Good reply.


SQL DBA.
Post #537039
Posted Monday, August 6, 2012 1:23 PM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Thursday, December 6, 2012 8:17 AM
Points: 3, Visits: 11
It's never too late to post something. Here I am in 2012, reading these. And running SQL Server 2000 too!
Post #1340860
Posted Wednesday, January 22, 2014 11:27 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Friday, August 8, 2014 11:49 AM
Points: 9, Visits: 60
2013 and this thread is still working for those who still use SQL Server 2000
Post #1533777
Posted Tuesday, April 22, 2014 5:13 AM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: Banned Members
Last Login: Tuesday, April 22, 2014 5:07 AM
Points: 1, Visits: 2
Hey,

If you want recover your SA account password in SQL server then there are two manual ways by which you can recover. Both the methods are very easy but require little technical knowledge. You can perform these methods by following steps given in this link: http://belanalavade.blog.com/2014/04/22/simple-manual-techniques-to-recover-lost-sa-password-in-microsoft-sql-server/

Helpful blog post to recover your lost password.

Thanks.
Post #1563773
« Prev Topic | Next Topic »

Add to briefcase 12»»

Permissions Expand / Collapse