The Passlib documentation has moved to https://passlib.readthedocs.io
passlib.hash.mssql2000 - MS SQL 2000 password hash
Danger
This algorithm is not considered secure by modern standards. It should only be used when verifying existing hashes, or when interacting with applications that require this format. For new code, see the list of recommended hashes.
New in version 1.6.
This class implements the hash algorithm used by Microsoft SQL Server 2000 to store its user account passwords, until it was replaced by a slightly more secure variant (mssql2005) in MSSQL 2005.
This class can be used directly as follows:
>>> from passlib.hash import mssql2000 as m20
>>> # hash password
>>> h = m20.hash("password")
>>> h
'0x0100200420C4988140FD3920894C3EDC188E94F428D57DAD5905F6CC1CBAF950CAD4C63F272B2C91E4DEEB5E6444'
>>> # verify correct password
>>> m20.verify("password", h)
True
>>> m20.verify("letmein", h)
False
See also
- password hash usage – for more usage examples
- mssql2005 – the successor to this hash.
Interface
class passlib.hash.mssql2000
This class implements the password hash used by MS-SQL 2000, and follows the PasswordHash API.
It supports a fixed-length salt.
The using() method accepts the following optional keywords:
Parameters:
- salt (bytes) – Optional salt string. If not specified, one will be autogenerated (this is recommended). If specified, it must be 4 bytes in length.
- relaxed (bool) – By default, providing an invalid value for one of the other keywords will result in a ValueError. If relaxed=True, and the error can be corrected, a PasslibHashWarning will be issued instead. Correctable errors include salt strings that are too long.
Format & Algorithm
MSSQL 2000 hashes are usually presented as a series of 92 upper-case hexadecimal characters, prefixed by 0x. An example MSSQL 2000 hash (of "password"):
0x0100200420C4988140FD3920894C3EDC188E94F428D57DAD5905F6CC1CBAF950CAD4C63F272B2C91E4DEEB5E6444
This encodes 46 bytes of raw data, consisting of:
- a 2-byte constant 0100
- 4 bytes of salt (200420C4 in the example)
- the first 20-byte digest (988140FD3920894C3EDC188E94F428D57DAD5905 in the example)
- a second 20-byte digest (F6CC1CBAF950CAD4C63F272B2C91E4DEEB5E6444 in the example)
The first digest is generated by encoding the unicode password using UTF-16-LE, and calculating SHA1(encoded_secret + salt).
The second digest is generated the same as the first, except that the password is converted to upper-case first.
Only the second digest is used when verifying passwords (and hence the hash is case-insensitive). The first digest is presumably for forward-compatibility: MSSQL 2005 removed the second digest, and thus became case sensitive.
Note
MSSQL 2000 hashes do not actually have a native textual format, as they are stored as raw bytes in an SQL table. However, when external programs deal with them, MSSQL generally encodes raw bytes as upper-case hexadecimal, prefixed with 0x. This is the representation Passlib uses.
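The format and algorithm described above, as an added stand-alone example (not Passlib's own code) built only from the standard library: it produces the 0x-prefixed hex form, splits a hash into its salt and two digests, and, like MSSQL 2000 itself, verifies against the upper-cased digest only. The function names are this example's own.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

SALT_LEN = 4      # 4-byte salt
DIGEST_LEN = 20   # SHA1 output
HEX_LEN = 2 + 2 * (2 + SALT_LEN + 2 * DIGEST_LEN)   # "0x" + 92 hex chars


def _raw_digest(secret: str, salt: bytes) -> bytes:
    """SHA1(UTF-16-LE(secret) + salt): the core of both digests."""
    return hashlib.sha1(secret.encode("utf-16-le") + salt).digest()


def mssql2000_hash(secret: str, salt: Optional[bytes] = None) -> str:
    """Return the hash in the 0x-prefixed, upper-case hex form Passlib uses."""
    if salt is None:
        salt = os.urandom(SALT_LEN)   # fresh random salt, as recommended
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be exactly 4 bytes")
    # constant 0100, salt, digest of the password as given,
    # then digest of the upper-cased password
    raw = (b"\x01\x00" + salt
           + _raw_digest(secret, salt)
           + _raw_digest(secret.upper(), salt))
    return "0x" + raw.hex().upper()


def parse_mssql2000(hash_str: str) -> Tuple[bytes, bytes, bytes]:
    """Split a hash into (salt, case-sensitive digest, case-insensitive digest)."""
    if len(hash_str) != HEX_LEN or not hash_str.upper().startswith("0X0100"):
        raise ValueError("not an MSSQL 2000 hash")
    raw = bytes.fromhex(hash_str[2:])
    salt = raw[2:2 + SALT_LEN]
    first = raw[2 + SALT_LEN:2 + SALT_LEN + DIGEST_LEN]
    second = raw[2 + SALT_LEN + DIGEST_LEN:]
    return salt, first, second


def mssql2000_verify(secret: str, hash_str: str) -> bool:
    """Only the second (upper-cased) digest is checked, so matching is case-insensitive."""
    salt, _first, second = parse_mssql2000(hash_str)
    return hmac.compare_digest(_raw_digest(secret.upper(), salt), second)
```

Hashing "password" with the salt 200420C4 reproduces the example hash above, and any case variant of the password verifies against it.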
Security Issues
This algorithm is reasonably weak, and shouldn’t be used for any purpose besides manipulating existing MSSQL 2000 hashes, due to the following flaws:
- The fact that it is case insensitive greatly reduces the keyspace that must be searched by brute-force or pre-computed attacks.
- Its simplicity, and years of research on high-speed SHA1 implementations, makes efficient brute force attacks much more feasible.