Daar we hier op ons project geen enkele account met sysadmin-access hebben op de sql servers (die zijn overgekocht van het andere bedrijf), moest deze morgen alles even “gehacked” worden om toch volledige toegang te krijgen.

Problem: you don’t have sysadmin access to a sql server
you need: a recent backup from the master database + a normal sql user account

procedure:
1. Restore that recent backup on another sql server with another name
2. open table sysxlogins in the master database and change the xstatus-column to 18 for a known user-account.
status 18 = binair 10010 = you get sysadmin permission + you get access (see read more for more options)

3. dettach this database from the server and copy the master.mdf and mastlog.ldf file to the locked sql server
4. On the locked server you have to stop the sql server service and overwrite the original master.mdf and mastlog.ldf files
5. Startup the service again and log in with the known useraccount and you will see that you have now sysadmin access on that server!


xstatus column
Purpose Bit Description
denylogin 1 Indicates whether the login account is permitted access to the server.
hasaccess 2 Indicates whether the login account is permitted access to the server.
isntname 3 Is the name a Windows NT account name?
isntuser 4 Is the account a Windows NT user account?
sysadmin 5
0 = not a member
1 = is a member
securityadmin 6
serveradmin 7
setupadmin 8
processadmin 9
diskadmin 10
dbcreator 11
bulkadmin 12

blank

Marketing strateeg en docent (Thomas More/UHasselt). Sinds 2002 reeds techblogger. Marketing strateeg en privacy officer als freelancer en daarnaast ook gewoon papa thuis. Schrijf je in voor de Dailybits nieuwsbrief.

Abonneer
Abonneren op

Deze site gebruikt Akismet om spam te verminderen. Bekijk hoe je reactie-gegevens worden verwerkt.

1 Reactie
Oldest
Newest Most Voted
Inline Feedbacks
View all comments