Puneet Malhotra-314029 (6/23/2011)
you can recover the hash and if there's a software which can translate that hash into the password(Reverse Hashing), then it may be possible. But I haven't come across any software to do so. Hence, it's not possible to recover the password but can always reset it. Y
As I've stated above, there is such software, depending on the strength of the password and how much you invest.
Here's an article about it.
1) Online dictionary attacks can be used, though they're slow and generate a lot of network traffic (i.e. may slow your server down): SQLPing3 has a (slow) facility for this, in addition to exceptional discovery of SQL Server instances. Metasploit Fast-Track SQL Bruter has a brute forcer, and also has intrusion capabilities, so be very careful if you use that one.
2) Offline dictionary or brute force attacks can be used:
The password hash and salt can be recovered from sys.syslogins by anyone with access to that. They can they be fed to software thta can attempt either dictionary (including permutated dictionary) or pure brute force attacks.
One GPLv3 licensed tool would be cudadbcracker plus a good NVIDIA graphics card.
Another GPU cracker is oclhashcat-lite[/url] plus a good graphics card can try more than a billion passwords a second. Be aware that the free download is not licensed for commercial use, so you'd need to contact the author for permission to use it for commercial purposes such as yours.
Next up would be The 40 Euro PasswordsPro and a powerful CPU (or a lot of time), which isn't going to be nearly as fast as the graphics card solutions. Their Extreme GPU Bruteforcer doesn't support MSSQL yet, though you might be able to ask them to add that, as a paying
customer, since it should be very easy for them to add.
There's other CPU based software, but paying for the PasswordsPro license for brute forcing your own lost password is the simplest.