pwdcompare
In this article, we’ll look at using the built-in PWDCOMPARE function in SQL Server for security testing passwords. While this function may seem to expose a weakness in Microsoft SQL Server because it lets us test passwords, it should be noted that an attacker could carry out the same attack by attempting to log in to our database server, assuming the attacker can reach a connection to it. Therefore, this function does not increase the risk of an attack on SQL Server, but it does help us identify possible weaknesses in our environment so that we can quickly mitigate them. In addition, we’ll combine it with other related tools in SQL Server that help us manage logins.
Understanding the function
For our security testing, we’ll look at the first two parameters – the actual password (“clear_text_password”) we want to test and the password hash (“password_hash”). Microsoft has declared that the third, optional parameter, version, is deprecated, so we will not use it; it should be avoided since it will be removed in a later version of SQL Server. If the password matches the hash, the function returns 1; if it does not match, the function returns 0.
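As an added example (not code from the original article), the following T-SQL reads the stored hash of a login from sys.sql_logins and feeds it to PWDCOMPARE, first for a single candidate and then as an audit of every SQL login against a short list of weak patterns. The login name test_login_demo and the candidate values are constructed for illustration; reading password_hash requires CONTROL SERVER permission.

```sql
-- Added example, not from the original article.
-- Requires CONTROL SERVER (e.g. sysadmin) to read sys.sql_logins.password_hash.
-- The login name 'test_login_demo' and the candidate list below are constructed.

-- 1. Single check: does one candidate match the stored hash of one login?
DECLARE @hash VARBINARY(256);

SELECT @hash = password_hash
FROM sys.sql_logins
WHERE name = N'test_login_demo';

-- PWDCOMPARE returns 1 when the clear-text value matches the hash, otherwise 0.
SELECT PWDCOMPARE(N'Password1', @hash) AS match_flag;

-- 2. Audit: test every SQL login against common weak patterns.
DECLARE @candidates TABLE (pwd NVARCHAR(128) NOT NULL);

INSERT INTO @candidates (pwd)
VALUES (N'password'), (N'Password1'), (N'password123'), (N'123456');

SELECT l.name  AS login_name,
       c.pwd   AS weak_password,
       l.is_disabled
FROM sys.sql_logins AS l
CROSS JOIN @candidates AS c
WHERE PWDCOMPARE(c.pwd, l.password_hash) = 1

UNION ALL

-- Password equal to the login name itself.
SELECT l.name, l.name, l.is_disabled
FROM sys.sql_logins AS l
WHERE PWDCOMPARE(l.name, l.password_hash) = 1

UNION ALL

-- Login name followed by a short run of digits.
SELECT l.name, l.name + d.suffix, l.is_disabled
FROM sys.sql_logins AS l
CROSS JOIN (VALUES (N'1'), (N'123'), (N'2024')) AS d(suffix)
WHERE PWDCOMPARE(l.name + d.suffix, l.password_hash) = 1;
```

Any row returned names a login whose password should be changed; an empty result for the audit query is the expected outcome on a healthy instance.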
Creating logins for testing
Before security testing common passwords, we’ll create six logins with common password forms – some use a name combined with numbers and some use the word “password” combined with numbers. Both forms are unfortunately common because they’re easy to memorize. First, we’ll check that none of these six logins already exist – the query below should return 0 records: