Publish a stored procedure for SQL password cracking

Stored Procedure | Crack if exists (select * from dbo.sysobjects WHERE id = object_id (N ' [dbo].[ P_getpassword] and OBJECTPROPERTY (ID, N ' isprocedure ') = 1)
drop procedure [dbo]. [P_getpassword]
Go

/*--the SQL Server user password by exhaustive method

Can crack Chinese, special character, character + trailing space password
In order to facilitate the display of special character passwords, in the display result, the ASCII that makes up the password is displayed

Can theoretically crack any number of digits in the code
The condition is that your computer is configured enough for enough time

--Jiangjian 2004.08 (please keep this information for reference)--*/

/*--Call Example

--Test special characters
declare @pwd sysname
Set @pwd =char (0) + ' a '
EXEC sp_password null, @pwd, ' sa '
EXEC P_getpassword

--Test the password with space
EXEC sp_password null, ' A ', ' sa '
EXEC P_getpassword

--Test Chinese
EXEC sp_password null, ' I ', ' sa '
EXEC P_getpassword

--Clear password
exec sp_password null,null, ' sa '
--*/
Create proc P_getpassword
@username sysname=null,--user name and, if not specified, lists all users
@pwdlen int=3--password to crack the number of digits, the default only to crack 3-bit and the following password
As
--The user table that generates the password to crack
Select Name,password
, type=case when xstatus&2048=2048 then 1 else 0 end
, jm=case when password is null or datalength (password) <46
Then 1 else 0 end
, pwdstr=case when datalength (password) <46
Then cast (password as sysname)
Else cast (' as sysname ') end
, Pwd=cast (' as varchar (8000))
Into #pwd
From Master.dbo.sysxlogins A
where srvid is null
and Name=isnull (@username, name)

--Generate temporary tables
Select Top 255 id=identity (int,0,1) to #t from sysobjects a,sysobjects b
ALTER TABLE #t add constraint pk_#t primary key (ID)

--Cleaning unwanted characters
If not exists (select 1 from #pwd where type=1)
Delete from #t where ID between and 129 or ID between and 254

--Password cracking processing
DECLARE @l int
DECLARE @s1 varchar (8000), @s2 varchar (8000), @s3 varchar (8000), @s4 varchar (8000)

--Cracked 1-bit password
Select @l=0
, @s1 = ' id=a.id '
, @s2 = ' #t a '
, @s3 = ' char (b.id) '
, @s4 = ' cast (b.id as varchar) '
EXEC ('
Update pwd Set jm=1,pwdstr= ' + @s3 + '
, pwd= ' + @s4 + '
From #pwd pwd, #t b
where pwd.jm=0
and Pwdcompare (' + @s3 + ', Pwd.password,pwd.type) =1
')

--break more than 2 digits of password
While exists (select 1 from #pwd where jm=0 and @l< @pwdlen-1)
Begin
Select @l=@l+1
, @s1 = @s1 + ', id ' +cast (@l as varchar)
+ ' = ' +char (@l/26+97) +char (@l%26+97) + '. Id '
, @s2 = @s2 + ', #t ' +char (@l/26+97) +char (@l%26+97)
, @s3 = @s3 + ' +char (b.id ' +cast (@l as varchar) + ') '
, @s4 = @s4 + ' + ', ' +cast (b.id ' +cast (@l as varchar) + ' as varchar ')
EXEC ('
Select ' + @s1 + ' into #tt from ' + @s2 + '
Update pwd Set jm=1,pwdstr= ' + @s3 + '
, pwd= ' + @s4 + '
From #pwd pwd, #tt b
where pwd.jm=0
and Pwdcompare (' + @s3 + ', Pwd.password,pwd.type) =1
')
End

--Display cracked password
Select User name =name, password =pwdstr, password ascii=pwd
From #pwd
Go