As we all know, there is an account SA, the system administrator (SA) that is definitely a vulnerability in network security in M$sql, which is assigned to the fixed server role sysadmin and cannot be changed by default. This SA under normal circumstances is neither can change the name, also can not delete, hehe, a little chicken taste, discard pity, eat tasteless. Loaded on the sql2000, feeling strange, put the back door in, always don't trust, worry about a day was broken out of the password, that even the computer will not finish pulling. Perhaps you say to set a strong password, this method is feasible, is not a long time, the so-called cut grass to root, if the SA to delete the pull will not worry about those "hacker" brute force crack pull.
Oh, the front said pull so half-day nonsense, maybe you've looked at the impatient pull, okay, that's the point, everybody follow me and take the SA to a big dump. First Open Enterprise Manager in SQL, then select SQL Server Configuration properties in the Tools tab, and then click Server Settings. See the box that allows you to modify the system directory directly before you click on it, OK.
Then open the Query Analyzer, log in (oh, whatever your account to enter, but be sure to have db_owner in the master database) input
Update sysxlogins set name= ' You want to change the name ' where sid=0x01
Update sysxlogins set sid=0xe765555bd44f054f89cd0076a06ea823 where name= ' you want to change the name '
OK, the implementation of success, good pull, diverted Enterprise Manager in the refresh security in the landing, see, SA is not become you want to change the name of Pull, oh, select the name you want to change into the right button, how to pull the deletion of the option, OH, delete. See if the SA has not been pulled.
Postscript
How to delete sa directly in Query Analyzer
How to remove the SA directly in the Query Analyzer is similar to what was said earlier, except that this time it was not a cheat in Enterprise Manager, but rather the use of SQL to provide us with powerful stored procedures to accomplish this task. Here's what I call a stored procedure that needs to be exploited sp_configure,sp_configure displays or changes the global configuration settings for the current server.
It's syntax:
sp_configure [[@configname =] ' name ']
[, [@configvalue =] ' value ']
Instance:
sp_configure ' allow updates ', 1
Go
Reconfigure with OVERRIDE
Go
Okay, so we can update the system, and then, like the previous practice, pull update sysxlogins set name= ' The name you want to change to, ' where sid=0x01, and then delete the name you renamed.
Be aware, however, that no parameters (or only the first parameter) on the sp_configure have EXECUTE permission permissions that are granted to all users by default. The Execute permission permissions for a two-parameter sp_configure (for changing configuration options) are granted to the sysadmin and serveradmin fixed server roles by default. Reconfigure permissions are granted to the sysadmin fixed server role and the serveradmin fixed server role by default and cannot be transmitted. Also in master is db_owner.