SQL 2012 password hash
#1
Please include the SQL 2012 password hash; it's identical to 2005, except
0x0200 as an ID instead of 0x0100
SHA-512 instead of SHA1

i.e. a sanitized test version run on SQL Server itself shows the same "convert to unicode, covert that to binary, append the salt to the end, then hash it once and only once and prepend the identifier" algorithm.

-- SQL Server 2012
select pwdencrypt('password')
-- 0x0200^^^^^^^^********************************************************************************************************************************
-- salt hash
select HASHBYTES('SHA2_512', CONVERT(VARBINARY,N'password') + CAST(0x^^^^^^^^ AS VARBINARY(32)))
select HASHBYTES('SHA2_512', CONVERT(VARBINARY,N'password') + CAST(0x^^^^^^^^ AS VARBINARY(32)))
#2
OK, can we have some example hash/plain pairs please
#3
Code:
select pwdencrypt('Password1!')

0x0200F733058A07892C5CACE899768F89965F6BD1DED7955FE89E1C9A10E27849B0B213B5CE92CC9347ECCB34C3EFADAF2FD99BFFECD8D9150DD6AACB5D409A9D2652A4E0AF16
#4
Here's SQL2012 results for the hashcat example file A0.M1300.word:
SELECT example, pwdencrypt(example)
FROM
(SELECT 'carlos' AS example
UNION ALL SELECT 'test'
UNION ALL SELECT 'test1'
UNION ALL SELECT 'test2'
UNION ALL SELECT 'Paul'
UNION ALL SELECT 'DBAmaster'
UNION ALL SELECT 'database'
UNION ALL SELECT 'jhl9mqe5'
UNION ALL SELECT 'coldfusion'
UNION ALL SELECT 'sql2005'
) dvExample

example (No column name)
carlos 0x02006BF4AB05873FF0C8A4AFD1DC5912CBFDEF62E0520A3353B04E1184F05C873C9C76BBADDEAAC1E9948C7B6ABFFD62BFEFD7139F17F6AFE10BE0FEE7A178644623067C2423
test 0x0200935819BA20F1C7289CFF2F8FF9F0E40DA5E6D04986F988CFE6603DA0D2BC0160776614763198967D603FBD8C103151A15E70D18E7B494C7F13F16804A7A4EB206084E632
test1 0x0200570AC969EF7C6CCB3312E8BEDE1D635EB852C06496957F0FA845B20FCD1C7C457474A5B948B68C47C2CB704D08978871F532C9EB11199BB5F56A06AC915C3799DB8A64C1
test2 0x0200A56045DBCD848E297FA8D06E7579D62B7129928CA0BC5D232A7320972EF5A5455C01411B8D3A7FF3D18A55058A12FAEE5DA410AFE6CE61FF5C39E5FF57CD3EDD57DB1C3B
Paul 0x020059799F1B6D897BE2C5A76D3FFDC52B308190E82FA01F2FA51129B4863A7EE21B3FF6FE9F7850976045237805F338DD36DC9345B429F47A402614C6F2F2B02C56DF14C4F4
DBAmaster 0x0200881E2999DD8E3583695F405696257B99559953705A34D774C15AC1D42699BB77BC56DB5F657751335C1B350890E643790553B60329CAE7A2E7D3C04CF8856C4DB0058723
database 0x0200D648446E70180A6DFB6DF14DB38623EBFE490FE445751900FD5DC45A2B5D20D7AFFE8C6FFC2890BAE1AF34430A21F2F1E4DE50E25757FDB4789716D8D85C6985A00BC454
jhl9mqe5 0x02008AC3B9DC7B67EF9D3C1D25D8007A4B957D5BD61D71E5E9DA08D9F8F012EDDAD168E1CADD93D4627433FBFEE8BCF6CBB42D5B9A31886FC5FF7F970B164F4B5815E03D6DE7
coldfusion 0x020094C4D05A082DB1362B1A972C5D5F1C04C527090A7427E93C13AFEC705A011D8980E994FA647C7D44E25A427246218E25674571DB1710E49C713FB17129549C29E303086A
sql2005 0x0200B9BD5C85918D9BEE84417957618FBA1CB80B71E81550FAE09AD027B4089017CD6461D8EC9509873C2D5096CDBE8F16E4EFA9035C35F9F4917CE58DB99DC6836CEA7483A7
#5
I've added this even though SQL documentation advises against using pwencrypt to hash passwords (bad admins will bad admin). Should be available in the next release of hashcat cpu.
#6
@radix: What speeds are you getting per core?

Here are JtR numbers (it uses OpenSSL for MS SQL 2012 format).

✗ ../run/john -fo:mssql12 -t
Benchmarking: MS SQL 2012 SHA512 [ms-sql12]... DONE
Many salts: 1914K c/s real, 1914K c/s virtual
Only one salt: 1828K c/s real, 1828K c/s virtual
#7
Since hashcat has SSE2 code for SHA512 its a lot faster than JtR:

On AMD FX(tm)-8120 Eight-Core Processor:

Version magnum-jumbo from today (21.08.2012):

Quote:root@sf:~/crackers/magnum-jumbo/src# ../run/john -t -fo=mssql12
Benchmarking: MS SQL 2012 SHA512 [ms-sql12]... (8xOMP) DONE
Many salts: 4879K c/s real, 611448 c/s virtual
Only one salt: 4150K c/s real, 518784 c/s virtual

Quote:root@sf:~/hashcat-0.41# ./hashcat-cli32.bin -m 1731 /root/testhash /root/dict/3-atom.txt -r rules/best64.rule
Initializing hashcat v0.41 by atom with 8 threads and 32mb segment-size...

NOTE: press enter for status-screen

Added hashes from file /root/testhash: 1 (1 salts)
Activating quick-digest mode for single-hash with salt
Added rules from file rules/best64.rule: 78

Input.Mode: Dict (/root/dict/3-atom.txt)
Index.....: 1/13 (segment), 4882277 (words), 33550341 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: 6.38M plains, 81.79k words
Progress..: 141646/4882277 (2.90%)
Running...: 00:00:00:02
Estimated.: 00:00:00:57

--
atom
#8
(08-21-2012, 11:22 AM)radix Wrote: I've added this even though SQL documentation advises against using pwencrypt to hash passwords (bad admins will bad admin). Should be available in the next release of hashcat cpu.

Thank you very much for adding this to hashcat! I look forward to using the new version, and I hope to see it make it into the oclHashcat family in the future as well.

I would note that admins have no choice if they need to use something other than Windows Authentication. All SQL Server (SQL Authentication) usernames have the passwords stored in sys.syslogins, and all of those passwords are hashed by SQL Server using pwdencrypt. I was hoping for an RFC2898 implementation if they were upgrading at all, but it looks like Microsoft was happy just changing the hash algorithm.
#9
new oclHashcat-plus will come with a generic sha512-salt-pass module and supports hex-salts. that should work for you till a special loader for 0x200 is implemented.
#10
Hi, is anyone successfully returning passwords back from SQL 2012 hashes? I'm testing and trying to validate known passwords in a dictionary and generating hashes from SQL 2012 using known passes, no errors just cannot find a match.

This is the syntax I'm using
hashcat-cli64.exe -a 0 -m 1731 -p : -o "C:\Hashcat\hashout.txt" --output-format=0 -n 4 -c 64 "C:\Hashcat\hashes.txt" "C:\Hashcat\passwords.txt"

also tried same in Linux with the same result

Any help appreciated