MS SQL 2012/2014 password recovery for user

If you have access to the server but you would like to recover sa password or a user’s password you can use this simple technique:

On the server execute

SELECT password_hash FROM sys.sql_logins where name=’sa’

The output will look like this:


Copy this to the Kali Linux machine to a text file – only one row. After that is up to you to decide which tool you can use – hashcat, johnny or john, and also which technique – Single crack, Wordlist, Incremental or something else. I will use Johnny, as the easiest one – only thing you need is to Open Password FileĀ and Start Attack

Good luck!

Leave a Reply

Your email address will not be published.