Skip to content

Instantly share code, notes, and snippets.

@nullbind

nullbind/Identify Shared SA Accounts

Created September 12, 2016 18:34
Show Gist options
  • Save nullbind/b905ec4aaaca618d006d375f9af4bab4 to your computer and use it in GitHub Desktop.
Save nullbind/b905ec4aaaca618d006d375f9af4bab4 to your computer and use it in GitHub Desktop.
Download ZIP
Testing for shared SA account without knowing the password.
Raw
Identify Shared SA Accounts
Below is an overview of how to test for shared SA accounts in SQL Server without knowing the password.
Requirements
- sysadmin privileges on SQL Server
Process
- dump spn or provide sql server list
- enable ad-hoc queries, or create a link to sql servers on target list
- submit query to each sql server, if the sa password is the same as the local instance then the query will work.
Basic Idea = SQL Server PTH
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment