LebGeeks

mir

Member

Dirty Little Secrets : SQL Server Undocumented Stored Procedures

Well , today i found out about the Undocumented Stored procedures in sql server while i was working on encrypting password

maybe it is somethin you all know about, but i did today lol:P...
There are some pretty useful ones outhere.

and Even some of the SP are not documented, ppl did found out about them
i wonder how (i will try to know how they found out about them later on when i have time [probably after a 150 year]  )
w I wonder why they are Undocumented
(I wonder how.. I wonder Why.. I wonder where they are  [old song lool]  )

The Funny Part also is that you will find exploit in those sp too lol
google the  pwdencrypt and u will know what i am talking about.

So guys, just wondering.. who knew about them before ,which ones are u using
w is it safe to work with them?

w heik, just wanted to share this with you

Last edited by mir (May 9 2006)

teodorgeorgiev

Member

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

In ***WHICH*** SQL server namely? :)

I have been using some of the "undocumented" MS-SQL stored procedures to recover a crashed database...
I think you are talking about MS-SQL.

KingRhye

Member

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

Any link ?

mahdoum

Member

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

no clue what you're on about.

mir

Member

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

no clue what you're on about.

In microsoft sql server there are some stored procedures that microsoft says nothing about
Undocumented Ones.but some guys did find out about them and found exploits in them
For Example i was looking for a fast way to encrypt user passwords
it is small application, no need for high security features
so i found out about pwdEncrypt and a bunch of others stored procedures that did the job in couple of lines
I also found out about exploits in them

Any Links

Here are some of the links from Google. I searched "Undocumented Stored Procedures + sql server 2000"
but i don't think they contain all the list as i searched for some procedures but did not find them on the pages
I will do a detailed search later w post the links
http://www.databasejournal.com/features … hp/1441251
http://www.mssqlcity.com/Articles/Undoc … ndocSP.htm

That's For the moment
Keep me updated with ur result searches

Ragnar78

Member

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

This is the only one i used before "sp_fixindex" when i build a testing and comparing tool. I had to retrieve a lot of data from 2 different environments multiple time. So i had to rebuild indexes to make the SP i build worked a bit faster. A dba gave me the tip, i dont know the rest of the USP.

Padre

Member

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

i've seen couple of these, tho never used them.
just use the so popular MD5 hashing ... althought easily reversible now .....

samer

Admin

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

althought easily reversible now .....

yes, but with not-so-easy accessible tools (e.g., 1TB rainbow tables), in case it's a hard password.

Padre

Member

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

yes, but with not-so-easy accessible tools

you dont need to have them. in order to used them ;)

samer

Admin

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

well, the only services I know about require an account, please PM me if you know some others.

Flamie

Member

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

http://www.governmentsecurity.org/

Get into their IRC channel, and donate your CPU power to help them build it, it's huge already and they'll let you use it. ;)

Padre

Member

Re: Dirty Little Secrets : SQL Server Undocumented Stored Procedures

lol, govsec is a bit behind ..... but it's a nice project.
but sadly ... govsec isn't what they used to be :(