SQL Server 2000 sa password cracked instance

Referring to the SA weak password, we first think that many databases have 1 similar Super Administrator accounts, such as: Oracle is "system" and "SYS", Sybase is "sa", and MySQL has "root" (not the UNIX system account root). If you do not set the corresponding password or if your password is too low, the intruder will be able to log in and attack the database server, and they can even gain the highest level of authority on your operating system. At this point, some people may not believe, once someone and I said: "The database has been breached most of your tables ah what is taken away, how can the other party to obtain the highest operating system authority?" In fact, I am not alarmist, I would like to assume that a SQL Server 2000 database of the SA password is cracked as an example, to see how the hacker in the database permissions after access to 1 steps to become the system administrator.

At present, there are a lot of such tools on the network to facilitate those unfamiliar with SQL, in fact, do not have to download the tool, as long as Microsoft's own SQL Server with a client-side program can immediately easily become the entire operating system Super Administrator. The specific process, I will explain to you 1 times, here first assume that the hacker has been through other tools to brute force to break the strength of the low SA account you set the weak password, or you do not set the password for the SA account. First the hacker opens SQL Server Query Analyzer, logs into your SQL server database with SA identity and his brute-force password, then executes the following statement:

xp_cmdshell "NET user zxc Nopassword/add" Go xp_cmdshell "net Localgroup/add administrators Zxc" Go

At this time, if you open your Computer Management-----Local Users and Groups-----users, then you will find that there are more than 1 new accounts called ZXC, check the properties of this account, you will find that he is subordinate to the Administrators group.

Speaking of which, we must all understand, yes, hackers by calling SQL Server 's system database Master xp_cmdshell This extended stored procedure easily turned himself into a super administrator on your server, so there's nothing he can do about it later.

Therefore, if you do not need to call this stored procedure in peacetime, you can consider to delete it, of course, regardless of whether you want to call this stored procedure, you should set the SA account for your 1 very strong password, which is the most fundamental, most important, you can open SQL Server Enterprise Manager, then select Security-----Login, right-click the sa account, select Properties, and then modify the password for your SA account in the Properties dialog, where I suggest you try to set it as complicated as possible, and combine the numbers with the special symbols in English. This will prevent hackers from violence to this account, of course, it is best to install your SQL Server has done this work, so as to avoid the future due to human forgetting and other causes of security risks.