12-16-2011, 11:27 PM
On the SQL Servers you are authorized to audit:
SELECT sys.syslogins.name
, sys.server_principals.type
, LOGINPROPERTY(sys.syslogins.name,'PasswordHash') AS HashcatFormat
, UPPER(RIGHT(sys.fn_varbintohexstr(CAST(RIGHT(sys.syslogins.password,10) AS VARBINARY(256))),40)) + ':' + UPPER(RIGHT(sys.fn_varbintohexstr(CAST(LEFT(RIGHT(sys.syslogins.password,12),2) AS VARBINARY(32))),8)) AS OCLHashCatLiteFormat
FROM sys.syslogins
LEFT OUTER JOIN sys.server_principals
ON sys.server_principals.sid = sys.syslogins.sid
SELECT sys.syslogins.name
, sys.server_principals.type
, LOGINPROPERTY(sys.syslogins.name,'PasswordHash') AS HashcatFormat
, UPPER(RIGHT(sys.fn_varbintohexstr(CAST(RIGHT(sys.syslogins.password,10) AS VARBINARY(256))),40)) + ':' + UPPER(RIGHT(sys.fn_varbintohexstr(CAST(LEFT(RIGHT(sys.syslogins.password,12),2) AS VARBINARY(32))),8)) AS OCLHashCatLiteFormat
FROM sys.syslogins
LEFT OUTER JOIN sys.server_principals
ON sys.server_principals.sid = sys.syslogins.sid