List of users with weak passwords in MS SQL
- Tutorial
Another customer asked me to check the security of their SQL Server.
I quickly put the script together and ran it, not at the customer's, but at my own workplace, a bank (I won't name it), admittedly on the DEV server, and voila: 522 SQL logins with simple passwords. That is a security hole.
So I suggest you check your own SQL Server for the same weakness. The list of simple passwords is meant to be extended as you think of more; the ones here I took from the first 2-3 pages of a Google search.
The script itself:
declare @popular_passwords table
(
pwd varchar(4000) not null
)
insert @popular_passwords
VALUES
('!@#$%^&*')
,('000000')
,('1')
,('11')
,('111')
,('1111')
,('11111')
,('111111')
,('121212')
,('123123')
,('12')
,('123')
,('1234')
,('12345')
,('123456')
,('1234567')
,('12345678')
,('123456789')
,('1234567890')
,('131313')
,('1qaz2wsx')
,('55555')
,('654321')
,('666666')
,('696969')
,('7777777')
,('987654')
,('987654321')
,('aa123456')
,('abc123')
,('abcd1234')
,('admin')
,('affair')
,('amanda')
,('andrew')
,('anthony')
,('asdfasdf')
,('asdfg')
,('asdfgh')
,('asdfghjkl')
,('ashley')
,('ashleymadison')
,('asshole')
,('baseball')
,('batman')
,('bigdick')
,('buster')
,('charlie')
,('cheater')
,('computer')
,('corvette')
,('cowboys')
,('dallas')
,('DEFAULT')
,('donald')
,('dragon')
,('football')
,('freedom')
,('fuckme')
,('fuckoff')
,('fuckyou')
,('george')
,('harley')
,('hello')
,('hockey')
,('horny')
,('hosts')
,('hunter')
,('iloveyou')
,('jackson')
,('jennifer')
,('jessica')
,('jordan')
,('jordan23')
,('kazuga')
,('killer')
,('letmein')
,('liverpool')
,('looking')
,('madison')
,('maggie')
,('master')
,('matthew')
,('michael')
,('money')
,('monkey')
,('mustang')
,('P@ssw0rd')
,('P@ssword')
,('Pa$$w0rd')
,('Pa$$word')
,('password')
,('password1')
,('pepper')
,('princess')
,('pussy')
,('qazwsx')
,('qwert')
,('qwerty')
,('qwerty123')
,('qwertyuiop')
,('ranger')
,('robert')
,('secret')
,('shadow')
,('soccer')
,('steelers')
,('summer')
,('sunshine')
,('superman')
,('thomas')
,('tigger')
,('welcome')
,('whatever')
,('william')
,('yankees')
,('zxcvbnm')
select
    l.name,
    p.pwd,
    l.type_desc,
    l.is_disabled,
    sl.sysadmin,
    sl.dbcreator,
    sl.serveradmin
from @popular_passwords p
join sys.sql_logins l
    on pwdcompare(p.pwd, l.password_hash) = 1
join sys.syslogins sl
    on sl.name = l.name
union all
select -- here the case where the login name and the password are the same
    l.name,
    l.name,
    l.type_desc,
    l.is_disabled,
    sl.sysadmin,
    sl.dbcreator,
    sl.serveradmin
from sys.sql_logins l
join sys.syslogins sl
    on sl.name = l.name
    and pwdcompare(l.name, l.password_hash) = 1
order by 4, 5 desc, 1
option (recompile)
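The script above only catches passwords from a fixed list or equal to the login name. As an added example (not part of the original post), the query below uses the same PWDCOMPARE check against sys.sql_logins.password_hash but derives the candidates from each login name (empty password, name plus a common suffix, reversed name) and reports whether CHECK_POLICY and CHECK_EXPIRATION are enforced, which is what actually stops such passwords from being set again. It assumes you run it with CONTROL SERVER (for example as sysadmin) on your own instance; the login name in the commented remediation statement is a placeholder.

```sql
-- Added audit example, not from the original post.
-- Reading password_hash requires CONTROL SERVER permission on the instance.
;with candidates as
(
    -- one row per login and per candidate password derived from its name
    select l.name, l.password_hash, l.is_disabled,
           l.is_policy_checked, l.is_expiration_checked,
           c.candidate, c.rule
    from sys.sql_logins l
    cross apply
    (
        values ('',                 'empty password')
             , (l.name,             'password = login name')
             , (lower(l.name),      'password = login name (lower case)')
             , (l.name + '1',       'login name + 1')
             , (l.name + '123',     'login name + 123')
             , (l.name + '!',       'login name + !')
             , (reverse(l.name),    'reversed login name')
    ) as c(candidate, rule)
)
select
    c.name,
    c.rule,
    c.is_disabled,
    c.is_policy_checked,      -- 0: CHECK_POLICY off, complexity not enforced
    c.is_expiration_checked,  -- 0: password never expires
    is_srvrolemember('sysadmin', c.name) as is_sysadmin
from candidates c
where pwdcompare(c.candidate, c.password_hash) = 1
order by is_sysadmin desc, c.is_disabled, c.name;

-- Remediation for a finding: set a temporary password that must be changed
-- at next login and turn the policy checks back on.
-- [weak_login] and the temporary password are placeholders.
-- alter login [weak_login]
--     with password = N'<temporary-password>' must_change,
--          check_expiration = on, check_policy = on;
```

Logins that match with is_sysadmin = 1 come first, since those are the ones to fix today; a match with is_policy_checked = 0 means the login was created with CHECK_POLICY = OFF and the same weak password can be set again until the policy is re-enabled.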