Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


sa password been reset and BUILTIN/Administrator has been removed from sysadmin group

Posted on 2003-03-21
Medium Priority
Last Modified: 2007-12-19
A SQL SERVER 7 machine on my network was used and abused by a user, who reset the sa password and removed the NT/Administrator user from the SQL server sysadmins group, rendering it inaccessable to any sysadmins.

How can I get sysadmin privileges back on the sql server?

I have tried,
1) starting it in single user mode and trying to connect to it. (i think there is some scope for more investigation here, but im not sure what to try)
2) trying to connect to it using NT privileges.
3) a brute force sa password hack - but this was only check 5 passwords a second, and would have taken many years to get to 8 chars

I can stop the service and copy the mdf and ldf files to another machine and restore them, but then I'm going to end up with the same problem on another machine.

Is there any way I can extract or reset the sa password to blank using a utility?

Many thanks.

Tom H

Question by:tommyh

Expert Comment

ID: 8182170
Backup all the DBs before u shutdown SQL Server, re-install SQL Server and reset the password upon installation.

Good luck!

Author Comment

ID: 8187251
surely this will reinstall the master database, thus destroying all of my logins.

plus I can't login at the moment, so I can't make any backups.

Author Comment

ID: 8187298
surely this will reinstall the master database, thus destroying all of my logins.

plus I can't login at the moment, so I can't make any backups.
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.


Author Comment

ID: 8187470
surely this will reinstall the master database, thus destroying all of my logins.

plus I can't login at the moment, so I can't make any backups.

Accepted Solution

Boricle earned 1500 total points
ID: 8194022
This has been addressed before.


Basically, it says, stop service, backup it up, back it up again, check backs restore ok on seperate box, rebuild it all, restore relevent DBs, recreate logins.

If you don't want to do the rebuild option, then I would thinkt that the best thing to do is to go and find some dictionary cracker software for ODBC connections. If you have enough time, you might even be able to script some.

The place below has some tools. be warned I HAVE NEVER USED ANY OF THEM. ANY PASSWORD / PENETRATION SOFTWARE SHOULD BE CONSIDERED A POTENTIAL TORJAN (ie could take passwords and email to other people / set up holes in your system). If you do want to use them, I would suggest setting up a complete seperate copy of the server, not connected to any network, run the cracker, get your password (if any of them work), write it down, reformat and completely wipe the test machine.


The description on this one looks interesting:
"Sql Dict - Brute-force SQL Server password utility. Good for auditing SQL Server passwords in your organization. Don't use this power for evil. (2202 hits)"

SQLAT - SQLAT is a suite of tools that could be useful for penetration testing a MS SQL Server. The tools are still in development but tend to be quite stable. (1172 hits)

sqlbf - SQL Server password brute forcing tool by xaphan. Source (1717 hits)

Author Comment

ID: 8194327

Unfortunately I don't have an account available with backup privileges, and the scheduled maintentaince has packed up. I was trying to detach and reattach the database files but according to the documentation for both sp_attach_single_file_db and sp_attach_db, they both need to be used on previously detached databases.
In the current situation I definitely can't get sysadmin privileges to execute the sp_detach_db stored procedure.

Any ideas on reattaching undetached databases?

Expert Comment

ID: 9275644
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
Post your closing recommendations!  No comment means you don't care.

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When trying to connect from SSMS v17.x to a SQL Server Integration Services 2016 instance or previous version, you get the error “Connecting to the Integration Services service on the computer failed with the following error: 'The specified service …
MSSQL DB-maintenance also needs implementation of multiple activities. However, unprecedented errors can hamper the database management. In that case, deploying Stellar SQL Database Toolkit ensures fast and accurate database and backup repair as wel…
Via a live example, show how to shrink a transaction log file down to a reasonable size.
Viewers will learn how to use the SELECT statement in SQL and will be exposed to the many uses the SELECT statement has.
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question