osql.exe

Question

hi frindes .
i read a article about sql injection and hack.this article telled offen servers that we use for our website,that servers have sa user that maybe have null password.and hackers can attcke to your database with osql.exe command. i check 3 servers that i have database on it and there is sa user in security| login part that i can't change password or delete it.
my question how hackers use sa user ,and how can i change password of it?

Lalit M · Answer

Option 1 : If there is any other SQL Server Login that is a member of sysadmin role, you can log in using that account and reset the password of SQL Server. Change the password of SA account as described here : SQL SERVER – Change Password of SA Login Using Management Studio . Option 2 : If there is any other Windows Login that is a member of Windows Admin Group, log in using that account. Start SQL Server in Single User Mode as described here : SQL SERVER – Start SQL Server Instance in Single User Mode . Create a new login and give it sysadmin permission. Note : If you have SQL Server Agent enabled, it starts before SQL Server service. If you have enabled SQL Server in a single user mode, it will connect it first, so it is recommended to turn that off before attempting any of the above options. more details

bahare g · Answer

i understand from your notes that for change or delete sa User must there is an other user that have sysAdmin rol.it means when i buy a domain and host and create a user for my database i can't change sa password because i dont have sysAdmin rol and anyone can't use my database with sa and null password.is it right? is there a way that a person connect to my database with cmd or anyway?and how can i have more secure database that hackers cant attack it?

osql.exe

sacresp

hazarawood

sacresp

james