asked on

Database hash

Hi,

Can someone explain me how mssql DB 2000 stores password hashes . Does it use MD5 ,sha 1 or something else to create password hash. How can i know whether a hash is md5 , sha1 or something else?I want to know is there any way that can be used to identify which algorithm was used to create hash just by seeing at hash value.

ASKER CERTIFIED SOLUTION

CSecurity

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

CSecurity

See this to know more about MS SQL 2000 password hashes:
http://www.ngssoftware.com/papers/cracking-sql-passwords.pdf

SOLUTION

Tobias

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

CSecurity

MadShiva, all things you said was in my comments, nothing new added

SOLUTION

Tobias

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Tobias

If you want more information about hash you have this page that could be useful :

http://en.wikipedia.org/wiki/Cryptographic_hash_function

ujjwal-singh

ASKER

Any idea about how mssql 2000 DB store password hashes?does it use md5 or sha.

CSecurity

It's undocumented hash algorithm, see the link... http://www.ngssoftware.com/papers/cracking-sql-passwords.pdf

ujjwal-singh

ASKER

thanks for all of your comments but i was expecting something different which was not known to me

CSecurity

Really? Do you want me to invent a new algorithm and embed it into SQL Server core? So it will be new, huh?

Algorithm is algorithm. That's it. SQL server uses the algorithm which have a code in PDF I gave you. That's all.

ujjwal-singh

ASKER