如何从 SQL Server 解密密码?

2021-12-20 00:00:00 encryption hash passwords sql-server

我在 sql server 2000 中有这个查询:

select pwdencrypt('AAAA')

输出一个加密的AAAA"字符串:

<前>0x0100CF465B7B12625EF019E157120D58DD46569AC7BF4118455D12625EF019E157120D58DD46569AC7BF4118455D

如何从其来源(即AAAA")转换(解密)输出?

解决方案

我相信 pwdencrypt 正在使用散列,因此您无法真正反转散列的字符串 - 该算法的设计是不可能的.

如果您要验证用户输入的密码,通常的技术是对其进行散列,然后将其与数据库中的散列版本进行比较.

这是验证用户输入表的方法

SELECT password_field FROM mytable WHERE password_field=pwdencrypt(userEnteredValue)

用(大惊喜)用户输入的值替换 userEnteredValue :)

I have this query in sql server 2000:

select pwdencrypt('AAAA')

which outputs an encrypted string of 'AAAA':

0x0100CF465B7B12625EF019E157120D58DD46569AC7BF4118455D12625EF019E157120D58DD46569AC7BF4118455D

How can I convert (decrypt) the output from its origin (which is 'AAAA')?

解决方案

I believe pwdencrypt is using a hash so you cannot really reverse the hashed string - the algorithm is designed so it's impossible.

If you are verifying the password that a user entered the usual technique is to hash it and then compare it to the hashed version in the database.

This is how you could verify a usered entered table

SELECT password_field FROM mytable WHERE password_field=pwdencrypt(userEnteredValue)

Replace userEnteredValue with (big surprise) the value that the user entered :)

相关文章