'Alan Kaplan for VA VISN 6
'11-16-06
'This script changes the SA account password on a SQL Database
'I use the excellent freeware program SQLRecon to get this information,
'http://www.specialopssecurity.com/labs/sqlrecon/
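Option Explicit

' Main flow: ask for a server name, propose a generated password, confirm that
' the MSSQLServer service is running, then reset the SA password over an
' integrated-authentication (SSPI) connection.
'
' The quote characters in this listing had been converted to typographic
' ("smart") quotes, which VBScript cannot parse; they are plain ASCII here.

' ADO cursor and lock types, used when a recordset is opened in ChangePW.
Const adOpenStatic = 3
Const adLockOptimistic = 3
' ADSI service status value that means "running".
Const ADS_SERVICE_RUNNING = 4

Dim sqlRS, strDBServer
Set sqlRS = CreateObject("ADODB.Recordset")
Dim message, strPW
Dim oCP, oService, strServiceState, strStartType
Dim WshShell
Set WshShell = WScript.CreateObject("WScript.Shell")

' Default the prompt to the local machine name.
strDBServer = WshShell.ExpandEnvironmentStrings("%COMPUTERNAME%")
message = "This will set the SA password on a SQL server where the password " & _
    "is currently blank (or forgotten). " & vbCrLf & vbCrLf & _
    "Integrated authentication must be enabled on the DB " & _
    "for this to work. It is possible (though not likely) that changing the " & _
    "SA password could break an application. Proceed with care! " & vbCrLf & vbCrLf & _
    "Enter the name of a SQL Database server: "
strDBServer = InputBox(message, "SQL Server Name", strDBServer)
If strDBServer = "" Then WScript.Quit   ' Cancel or empty input: do nothing
strDBServer = UCase(strDBServer)

' GetPW leaves its result in the global strPW. It is called twice and the
' second result is reversed and appended, which doubles the length of the
' suggested password.
Dim strPW1
GetPW
strPW1 = strPW
GetPW
strPW = strPW1 & StrReverse(strPW)

' NOTE(review): the suggestion is built from Rnd and a temp-file name, neither
' of which is a cryptographic generator. Treat it as a convenience default and
' prefer a password from a vetted generator or password manager for SA.
' InputBox shows the value in clear text on screen, and nothing below checks
' the length or complexity of what the operator types.
message = "Enter a complex password, or use this randomly generated one. (CTRL-C to copy to clipboard)"
strPW = InputBox(message, "Password", strPW)
If strPW = "" Then WScript.Quit

' ServiceConnect sets the global oService, or exits the script with code 100
' when the server or the service cannot be reached.
ServiceConnect "MSSQLServer", "MS SQL Server Service"
If oService.Status <> ADS_SERVICE_RUNNING Then   ' make sure SQL is running
    MsgBox "SQL Service not running on " & strDBServer, vbCritical + vbOKOnly, "Error"
    WScript.Quit 100
End If

ChangePW
WScript.Quit(0)   ' Script ends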
'============= functions and Sub ==================
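' Sets the SA login's password on strDBServer to the global strPW.
'
' Connects to the master database with integrated (SSPI) authentication and
' calls sp_password with a NULL old password, so the caller's Windows account
' needs enough rights on the instance to reset another login's password.
' Reports success or failure in a message box; returns nothing.
'
' Changes from the original listing:
'  * The password is passed as a bound parameter instead of being concatenated
'    into the T-SQL text. With concatenation, a password containing an
'    apostrophe broke the statement and let the typed text be interpreted as
'    SQL.
'  * The command is skipped when the connection fails, so the message box
'    reports the connection error rather than a follow-on error.
'  * Typographic quotes from the listing are restored to ASCII quotes.
'
' NOTE(review): sp_password is documented by Microsoft as deprecated in favour
' of ALTER LOGIN; confirm it is still available on the target SQL Server
' version. The new password travels over whatever transport the connection
' negotiates, so enable connection encryption where the network is not trusted.
' The success message also shows the password in clear text on screen.
Sub ChangePW()
    Const adCmdStoredProc = 4
    Const adParamInput = 1
    Const adVarWChar = 202
    Const adExecuteNoRecords = 128
    Const SYSNAME_LEN = 128   ' sp_password arguments are sysname (nvarchar(128))

    Dim oSQLConn, oCmd

    On Error Resume Next
    Set oSQLConn = CreateObject("ADODB.Connection")

    ' Connect to SQL Database
    ' NOTE(review): strDBServer is placed in the connection string as typed by
    ' the operator; a value containing ";" would add connection-string keywords.
    oSQLConn.Open _
        "Provider = SQLOLEDB;" & _
        "Data Source =" & strDBServer & ";" & _
        "Initial Catalog=master;" & _
        "INTEGRATED SECURITY=sspi;"

    If Err.Number = 0 Then
        Set oCmd = CreateObject("ADODB.Command")
        Set oCmd.ActiveConnection = oSQLConn
        oCmd.CommandType = adCmdStoredProc
        oCmd.CommandText = "sp_password"
        ' Parameters bind by position: old password, new password, login name.
        oCmd.Parameters.Append oCmd.CreateParameter("@old", adVarWChar, adParamInput, SYSNAME_LEN, Null)
        oCmd.Parameters.Append oCmd.CreateParameter("@new", adVarWChar, adParamInput, SYSNAME_LEN, strPW)
        oCmd.Parameters.Append oCmd.CreateParameter("@loginame", adVarWChar, adParamInput, SYSNAME_LEN, "SA")
        oCmd.Execute , , adExecuteNoRecords
    End If

    If Err.Number <> 0 Then
        MsgBox "Failed to change SA Password on " & strDBServer & _
            ". Error Message: " & Err.Description, vbCritical + vbOKOnly, strDBServer
    Else
        MsgBox "Changed SA Password on " & strDBServer & _
            " to: " & strPW, vbInformation + vbOKOnly, strDBServer
    End If

    ' Best-effort cleanup; errors are still suppressed here.
    Set oCmd = Nothing
    oSQLConn.Close
    Set oSQLConn = Nothing
    On Error GoTo 0
End Sub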
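' A mostly random password generator. Stores its result in the global strPW.
'
' The value is built from a temp-file name of the form "rad*.tmp":
'   "rad"  -> one random lower-case letter followed by a number from 1 to 99
'   ".tmp" -> one character chosen from a short list of specials
' after which "0" becomes "9" and "O" becomes "o" to avoid look-alike characters.
'
' SECURITY NOTE: neither FileSystemObject.GetTempName nor Rnd is a
' cryptographic random source, the special-character list repeats "!", and the
' look-alike replacements narrow the alphabet further. The result is a
' suggestion for the operator, not a high-entropy secret; for a privileged
' login such as SA, prefer a password from a vetted generator.
'
' The typographic quotes (and the double-prime marks around "0" and "9") in the
' original listing are restored to ASCII quotes here, and locals that were
' declared but never used are dropped.
Sub GetPW()
    Dim lranval
    Dim fso, tname
    Dim spchar, lchar
    Dim aSpecial

    ' get randomly generated name in format rad*.tmp
    Set fso = CreateObject("Scripting.FileSystemObject")
    tname = fso.GetTempName

    ' select a special character
    aSpecial = Array("!", "@", "!", "#", "*", "?", "$", "~")
    lranval = RandBetween(0, 7)
    spchar = aSpecial(lranval)

    ' select a lower case middle char (ASCII 97..122 is a..z)
    lranval = RandBetween(97, 122)
    lchar = Chr(lranval)

    ' get random initial digits and concatenate with above
    lranval = RandBetween(1, 99)
    strPW = Replace(tname, ".tmp", spchar)
    strPW = Replace(strPW, "rad", lchar & lranval)

    ' get rid of confusing characters
    strPW = Replace(strPW, "0", "9")
    strPW = Replace(strPW, "O", "o")
End Sub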
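' Returns a pseudo-random whole number between min and max, both inclusive.
'
' The original listing had an en dash where the minus sign belongs
' ("max – min"), which VBScript cannot parse; it is a plain "-" here.
'
' Randomize reseeds the generator from the system timer on every call, as the
' original did.
' NOTE(review): Rnd is a general-purpose generator, not a cryptographic one, so
' values from this function should not be the only source of secrecy for a
' password.
Function RandBetween(min, max)
    Randomize   ' Initialize random-number generator.
    RandBetween = min + Int(Rnd * (max - min + 1))
End Function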
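' Binds to a Windows service on strDBServer through the ADSI WinNT provider.
'
'   strRService    - service name passed to GetObject("Service", ...)
'   strDisplayName - friendly name shown in the "Connecting" popup
'
' On success the globals oCP (computer object) and oService (service object)
' are set. On any error a message box is shown and the script exits with
' code 100. Error 424 is reported as "Could not reach server".
'
' The typographic quotes in the original listing are restored to ASCII quotes.
'
' NOTE(review): strDBServer is placed in the ADsPath as typed by the operator;
' nothing here restricts it to host-name characters.
Sub ServiceConnect(strRService, strDisplayName)
    Dim strErr

    On Error Resume Next
    ' Popup closes by itself after 2 seconds.
    WshShell.Popup "Connecting to " & strDisplayName & " on " & strDBServer, 2, "Connecting"
    Set oCP = GetObject("WinNT://" & strDBServer & ",computer")
    Set oService = oCP.GetObject("Service", strRService)

    If Err.Number = 424 Then strErr = " Could not reach server"
    If Err.Number <> 0 Then
        MsgBox "Failed to connect to SQL Server on " & strDBServer & _
            "." & strErr, vbCritical + vbOKOnly, "Error"
        WScript.Quit 100
    End If
    On Error GoTo 0
End Sub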