@@ -155,54 +155,55 @@ def postgres_passwd(password, username, uppercase=False):
155155
156156 return retVal .upper () if uppercase else retVal .lower ()
157157
158- def mssql_passwd (password , salt , uppercase = False ):
158+ def mssql_new_passwd (password , salt , uppercase = False ): # since version '2012'
159159 """
160160 Reference(s):
161- http://www.leidecker.info/projects/phrasendrescher/mssql.c
162- https://www.evilfingers.com/tools/GSAuditor.php
161+ http://hashcat.net/forum/thread-1474.html
162+ https://sqlity.net/en/2460/sql-password-hash/
163163
164- >>> mssql_passwd (password='testpass', salt='4086ceb6', uppercase=False)
165- '0x01004086ceb60c90646a8ab9889fe3ed8e5c150b5460ece8425a '
164+ >>> mssql_new_passwd (password='testpass', salt='4086ceb6', uppercase=False)
165+ '0x02004086ceb6eb051cdbc5bdae68ffc66c918d4977e592f6bdfc2b444a7214f71fa31c35902c5b7ae773ed5f4c50676d329120ace32ee6bc81c24f70711eb0fc6400e85ebf25 '
166166 """
167167
168168 binsalt = decodeHex (salt )
169169 unistr = b"" .join ((_ .encode (UNICODE_ENCODING ) + b"\0 " ) if ord (_ ) < 256 else _ .encode (UNICODE_ENCODING ) for _ in password )
170170
171- retVal = "0100 %s%s" % (salt , sha1 (unistr + binsalt ).hexdigest ())
171+ retVal = "0200 %s%s" % (salt , sha512 (unistr + binsalt ).hexdigest ())
172172
173173 return "0x%s" % (retVal .upper () if uppercase else retVal .lower ())
174174
175- def mssql_old_passwd (password , salt , uppercase = True ): # prior to version '2005 '
175+ def mssql_passwd (password , salt , uppercase = False ): # versions '2005' and '2008 '
176176 """
177177 Reference(s):
178- www.exploit-db.com/download_pdf/15537/
179178 http://www.leidecker.info/projects/phrasendrescher/mssql.c
180179 https://www.evilfingers.com/tools/GSAuditor.php
181180
182- >>> mssql_old_passwd (password='testpass', salt='4086ceb6', uppercase=True )
183- '0x01004086CEB60C90646A8AB9889FE3ED8E5C150B5460ECE8425AC7BB7255C0C81D79AA5D0E93D4BB077FB9A51DA0 '
181+ >>> mssql_passwd (password='testpass', salt='4086ceb6', uppercase=False )
182+ '0x01004086ceb60c90646a8ab9889fe3ed8e5c150b5460ece8425a '
184183 """
185184
186185 binsalt = decodeHex (salt )
187186 unistr = b"" .join ((_ .encode (UNICODE_ENCODING ) + b"\0 " ) if ord (_ ) < 256 else _ .encode (UNICODE_ENCODING ) for _ in password )
188187
189- retVal = "0100%s%s%s " % (salt , sha1 (unistr + binsalt ). hexdigest (), sha1 ( unistr . upper () + binsalt ).hexdigest ())
188+ retVal = "0100%s%s" % (salt , sha1 (unistr + binsalt ).hexdigest ())
190189
191190 return "0x%s" % (retVal .upper () if uppercase else retVal .lower ())
192191
193- def mssql_new_passwd (password , salt , uppercase = False ):
192+ def mssql_old_passwd (password , salt , uppercase = True ): # version '2000' and before
194193 """
195194 Reference(s):
196- http://hashcat.net/forum/thread-1474.html
195+ www.exploit-db.com/download_pdf/15537/
196+ http://www.leidecker.info/projects/phrasendrescher/mssql.c
197+ https://www.evilfingers.com/tools/GSAuditor.php
197198
198- >>> mssql_new_passwd (password='testpass', salt='4086ceb6', uppercase=False )
199- '0x02004086ceb6eb051cdbc5bdae68ffc66c918d4977e592f6bdfc2b444a7214f71fa31c35902c5b7ae773ed5f4c50676d329120ace32ee6bc81c24f70711eb0fc6400e85ebf25 '
199+ >>> mssql_old_passwd (password='testpass', salt='4086ceb6', uppercase=True )
200+ '0x01004086CEB60C90646A8AB9889FE3ED8E5C150B5460ECE8425AC7BB7255C0C81D79AA5D0E93D4BB077FB9A51DA0 '
200201 """
201202
202203 binsalt = decodeHex (salt )
203204 unistr = b"" .join ((_ .encode (UNICODE_ENCODING ) + b"\0 " ) if ord (_ ) < 256 else _ .encode (UNICODE_ENCODING ) for _ in password )
204205
205- retVal = "0200 %s%s" % (salt , sha512 (unistr + binsalt ).hexdigest ())
206+ retVal = "0100 %s%s%s " % (salt , sha1 (unistr + binsalt ). hexdigest (), sha1 ( unistr . upper () + binsalt ).hexdigest ())
206207
207208 return "0x%s" % (retVal .upper () if uppercase else retVal .lower ())
208209
0 commit comments