MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / mssql_old_passwd

Function mssql_old_passwd

lib/utils/hash.py:183–199  ·  view source on GitHub ↗

Reference(s): www.exploit-db.com/download_pdf/15537/ http://www.leidecker.info/projects/phrasendrescher/mssql.c https://www.evilfingers.com/tools/GSAuditor.php >>> mssql_old_passwd(password='testpass', salt='4086ceb6', uppercase=True) '0x01004086CEB60C90646A8AB9

(password, salt, uppercase=True)

Source from the content-addressed store, hash-verified

181 return "0x%s" % (retVal.upper() if uppercase else retVal.lower())
182
183def mssql_old_passwd(password, salt, uppercase=True): # version '2000' and before
184 """
185 Reference(s):
186 www.exploit-db.com/download_pdf/15537/
187 http://www.leidecker.info/projects/phrasendrescher/mssql.c
188 https://www.evilfingers.com/tools/GSAuditor.php
189
190 >>> mssql_old_passwd(password='testpass', salt='4086ceb6', uppercase=True)
191 '0x01004086CEB60C90646A8AB9889FE3ED8E5C150B5460ECE8425AC7BB7255C0C81D79AA5D0E93D4BB077FB9A51DA0'
192 """
193
194 binsalt = decodeHex(salt)
195 unistr = b"".join((_.encode(UNICODE_ENCODING) + b"\0") if ord(_) < 256 else _.encode(UNICODE_ENCODING) for _ in password)
196
197 retVal = "0100%s%s%s" % (salt, sha1(unistr + binsalt).hexdigest(), sha1(unistr.upper() + binsalt).hexdigest())
198
199 return "0x%s" % (retVal.upper() if uppercase else retVal.lower())
200
201def oracle_passwd(password, salt, uppercase=True):
202 """

Callers

nothing calls this directly

Calls 1

decodeHexFunction · 0.90

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…