login with hashed password

  • I have a damaged sql 2000 system. I got a hold of the master database and attached it to another 2008 instance to get user names and passwords. I have the hashed passwords. The purpose of getting into the old system is to clean it up and get it shut down.

    To do one part of it, I want to take a user and hashed password and login into the system.

    Is there any way from t-sql or .net to log into SQL Server 2000 when I have the userid and hashed password? I have the SA hashed password.

    Joe

  • How damaged is the 2000 system? You can always start SQL Server in Single User Mode (from the command prompt: sqlservr.exe -m) to log in using an admin account and get SA rights. You can then change the SA password and use SQL Server normally.

  • I got the database up and running. The problem is we bought out a company, who bought out a company, who used to own this system. Built in admin is gone, no one knows the user name and passwords of any of the sql accounts. The application users use name/pwd that are part of the application and not the sql database. No one knows the SA password. I have shut the system/services down to get cold copies of the files, but can't do backups.

    This system is on a sql 2000 RTM. We have VM'd it from the server that was starting to smoke. End users need at least 6 months to find another application and convert the information.

    I copied the master database and the main user database to another server to gain access to the information. There are things I can do to move/upgrade it, but it does not gaurantee that it works with the application. (vendor went out of buisness 7 years ago) I have a procedure that will recreate the login and users with their hashed pwd. I am looking for a way to get into the system with SA and it's hashed password. I can then change it, and breath easier.

    Joe

  • Not the solution I was looking for, but found one that worked.

    From a script on the server, I found a username/pwd for SQL. It had next to no rights. I also found a user (no password) that had sys admin applied.

    1) Shutdown the current system

    2) copied the master to another 2000 system and attached as a user db

    3) cut and pasted the sys admin user id to note pad

    4) update the sys admin has with the low level has pwd

    5) copied the master db back and brought it up

    6) accessed the system with sys admin user / created admin accounts

    7) repeat process to copy old hash back to master db

    I know have full access, did not know and changed back the password. Application is working just fine.

    Joe

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply