Windows vector mdf validator for validating mdf files vector

To begin, we need a basic understanding of the structure of the on-disk database files which are our likely target for password hashes.

When listing the DATA directory of a SQL Server install, commonly found in C:\Program Files\Microsoft SQL Server\SQL-VERSION\MSSQL\DATA, it is common to find 2 file types: MDF and LDF. For the purposes of this post, we will be exploring the MDF file structure, which contains the data we are interested in.

When scanning through pages in the MDF file, we will be looking for the “Object ID” of our target tables (explored a bit further on), as well as the “Type” flag which will show us the type of data stored within the page.

Next up is the length of the fixed-size fields in the row, so these are your chars, ints, etc.

Then we have the fixed data, so if your row contains two “char(4)” columns, this will contain 8 bytes of data.

For reference, LDF files contain the transaction log associated with a database and will likely be reviewed separately in a future post.

The MDF file structure is organised into a number of “pages”, which in the case of SQL Server are 8KB in size and consist of a number of elements.
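As an added example (not code from the original post), the page scan and fixed-length row layout described here can be parsed in Python as follows. The 96-byte header length, the byte offsets, the slot array position and the meaning of Type 1 are assumptions not given in the post; the sample bytes and object ID 1234 are constructed.

```python
import struct

PAGE_SIZE = 8192     # 8KB pages, as stated in the post
HEADER_SIZE = 96     # assumption: the page header occupies the first 96 bytes

def parse_page_header(page):
    """Pull the fields the scan needs; all byte offsets here are assumptions."""
    if len(page) != PAGE_SIZE:
        raise ValueError("not a full 8KB page")
    slot_count, object_id = struct.unpack_from("<Hi", page, 22)
    return {"type": page[1], "slots": slot_count, "object_id": object_id}

def scan(data, object_id, page_type=1):
    """List (page_number, header) for pages matching Object ID and Type.
    Type 1 is taken to mean a data page (assumption)."""
    hits = []
    for off in range(0, len(data) - PAGE_SIZE + 1, PAGE_SIZE):
        hdr = parse_page_header(data[off:off + PAGE_SIZE])
        if hdr["object_id"] == object_id and hdr["type"] == page_type:
            hits.append((off // PAGE_SIZE, hdr))
    return hits

def fixed_data(page, slot):
    """Return the fixed-length column bytes of the row in `slot`."""
    if not 0 <= slot < parse_page_header(page)["slots"]:
        raise IndexError("no such slot")
    # Assumption: the slot array grows back from the page end, 2 bytes per row.
    (row_off,) = struct.unpack_from("<H", page, PAGE_SIZE - 2 * (slot + 1))
    if not HEADER_SIZE <= row_off <= PAGE_SIZE - 4:
        raise ValueError("row offset outside page body")
    # Assumption: bytes 2-3 of the row give where the fixed data ends, counted
    # from the row start, so the value includes the 4-byte row header.
    (fixed_end,) = struct.unpack_from("<H", page, row_off + 2)
    if fixed_end < 4 or row_off + fixed_end > PAGE_SIZE:
        raise ValueError("fixed-length size outside page")
    return page[row_off + 4:row_off + fixed_end]

def build_sample_page(object_id, row_fixed):
    """Constructed page (not real SQL Server output): one fixed-only row."""
    page = bytearray(PAGE_SIZE)
    page[1] = 1                                        # Type: data page
    struct.pack_into("<Hi", page, 22, 1, object_id)    # 1 slot, Object ID
    row = b"\x10\x00" + struct.pack("<H", 4 + len(row_fixed)) + row_fixed
    page[HEADER_SIZE:HEADER_SIZE + len(row)] = row
    struct.pack_into("<H", page, PAGE_SIZE - 2, HEADER_SIZE)  # slot 0 -> row
    return bytes(page)

# Constructed input: an empty page followed by one page for made-up object 1234.
SAMPLE = bytes(PAGE_SIZE) + build_sample_page(1234, b"ABCDWXYZ")
```

The sample row holds two char(4) values, so the fixed data returned for slot 0 is the 8 bytes the post's example predicts.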

The obvious way to do this was to review the configuration and metadata that Microsoft SQL Server stores in its file.