Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.databases.ms-sqlserver > #2262 > unrolled thread

Determine what password is used during a login attempt

Started byAnton Shepelev <anton.txt@g{oogle}mail.com>
First post2025-03-05 14:28 +0300
Last post2025-03-06 13:35 +0300
Articles 3 — 2 participants

Back to article view | Back to comp.databases.ms-sqlserver


Contents

  Determine what password is used during a login attempt Anton Shepelev <anton.txt@g{oogle}mail.com> - 2025-03-05 14:28 +0300
    Re: Determine what password is used during a login attempt Erland Sommarskog <esquel@sommarskog.se> - 2025-03-05 19:55 +0100
      Re: Determine what password is used during a login attempt Anton Shepelev <anton.txt@g{oogle}mail.com> - 2025-03-06 13:35 +0300

#2262 — Determine what password is used during a login attempt

FromAnton Shepelev <anton.txt@g{oogle}mail.com>
Date2025-03-05 14:28 +0300
SubjectDetermine what password is used during a login attempt
Message-ID<20250305142848.fc47cf2469d2b8e8a1b6675d@g{oogle}mail.com>
Hello, all

For some reason beyond our understanding, an installation of
SAP Business One on one of our servers has lost the ability
to connect to the MSSQL database under an internal,
automatically crated user B1_SBOCOMMON.  The Profiler
intercepts the attempt:

  Logon Error: 18456, Severity: 14, State: 8.
  Logon Login failed for user 'B1_SBOCOMMON'.
  Reason: Password did not match that for the login provided.
  [CLIENT: 192.168.0.193]

Is it possible determine the password it tries to use, if we
have full admin access to that database (and the entire
server) under the 'sa' user?

-- 
()  ascii ribbon campaign -- against html e-mail
/\  www.asciiribbon.org   -- against proprietary attachments

[toc] | [next] | [standalone]


#2263

FromErland Sommarskog <esquel@sommarskog.se>
Date2025-03-05 19:55 +0100
Message-ID<XnsB299CAB9E3DDFYazorman@127.0.0.1>
In reply to#2262
Anton Shepelev (anton.txt@g{oogle}mail.com) writes:
> Hello, all
> 

Yeah "all", it's soooo crowded here. :-)

> For some reason beyond our understanding, an installation of
> SAP Business One on one of our servers has lost the ability
> to connect to the MSSQL database under an internal,
> automatically crated user B1_SBOCOMMON.  The Profiler
> intercepts the attempt:
> 
>   Logon Error: 18456, Severity: 14, State: 8.
>   Logon Login failed for user 'B1_SBOCOMMON'.
>   Reason: Password did not match that for the login provided.
>   [CLIENT: 192.168.0.193]
> 
> Is it possible determine the password it tries to use, if we
> have full admin access to that database (and the entire
> server) under the 'sa' user?

No. It's an encrypted hash. If it was reversible that would be a major
security issue. 

[toc] | [prev] | [next] | [standalone]


#2264

FromAnton Shepelev <anton.txt@g{oogle}mail.com>
Date2025-03-06 13:35 +0300
Message-ID<20250306133518.75149761831624191f3d21bd@g{oogle}mail.com>
In reply to#2263
Erland Sommarskog to Anton Shepelev:

> > Hello, all
>
> Yeah "all", it's soooo crowded here. :-)

According to the statistics, it is quite crowded -- 100% of
questions in this newsgroup receive a meaningful answer from
an MSSQL expert.  How many forums can boast of that?

You could mention this group in the SQL section of your
website, or in your contacts, to remind the readers that
Usenet lives on.

> > Is it possible determine the password it tries to use,
> > if we have full admin access to that database (and the
> > entire server) under the 'sa' user?
>
> No. It's an encrypted hash. If it was reversible that
> would be a major security issue.

So, only password hashes are sent from client to server?
Makes sense.

I had a withering weak hope, however, that a complete
administrator access to the server would let me do something
about it.  We all wish security were weaker when dealing
with the aftermath of bugs or poor work discipline, and wish
it were stronger every time our system was hacked and
encrypted by ransomware.

-- 
()  ascii ribbon campaign -- against html e-mail
/\  www.asciiribbon.org   -- against proprietary attachments

[toc] | [prev] | [standalone]


Back to top | Article view | comp.databases.ms-sqlserver


csiph-web