Last updated on November 17th, 2019 at 10:15 am
1. Create batch script like ‘Find_TradeServer_WeakPass.bat’ and place it on either sql server or remote server
2. Insert the following commands:
Example A: (Specific role Manager , Password lenght <8 , only numerics)
sqlcmd -S 127.0.0.1 -d TradeServer -E -Q "select ALL [LoginID] ,[Password] ,[LoginType] FROM [TradeServer].[dbo].[UserLogin] WHERE LoginType='Manager' AND LEN(Password) <=8 AND ISNUMERIC (Password)=1" -o "C:\WeakPass-Numerics.csv" -s","
Example B: (Specific role Manager , Password lenght <8 , only letters)
sqlcmd -S 127.0.0.1 -d TradeServer -E -Q "select ALL [LoginID] ,[Password] ,[LoginType] FROM [TradeServer].[dbo].[UserLogin] WHERE LoginType='Manager' AND LEN(Password) <=8 AND Password LIKE '%[^a-z]%'" -o "C:\WeakPass-Letters.csv" -s","
Insert the following commands
Example A: (Specific role of users , Password lenght <8 , only numerics)
sqlcmd -S 10.0.0.201 -U sa -P yourpass -d TradeServer -E -Q "select ALL [LoginID] ,[Password] ,[LoginType] FROM [TradeServer].[dbo].[UserLogin] WHERE LoginType='Manager' AND LEN(Password) <=8 AND ISNUMERIC (Password)=1" -o "C:\WeakPass-Numerics.csv" -s","
Example B: (Specific role of users , Password lenght <8 , only letters)
sqlcmd -S 10.0.0.201 -U sa -P yourpass -d TradeServer -E -Q "select ALL [LoginID] ,[Password] ,[LoginType] FROM [TradeServer].[dbo].[UserLogin] WHERE LoginType='Manager' AND LEN(Password) <=8 AND Password LIKE '%[^a-z]%'" -o "C:\WeakPass-Letters.csv" -s","
3. Run the script as admin
4. When finished, check .csv files on the path (C:\) and ensure you see the net info, should be like this (Example A):