[Mercury][SQLServer JDBC Driver][SQLServer]Login failed for user ‘td’
Basically this error means that the password that quality center is trying to use for user ‘td’ in your MSSQL database doesn’t match whatever is in the database.
How did I fix this?
I installed Wireshark and captured the traffic on the server that Quality Center was installed on.
- Use filter tcp.port eq 1433
- Find the packet with description TDS7/8 Login Packet
- Scroll down in packet details until you see login and password
How does it all work?
From: http://www.securiteam.com/tools/6Q00I0UEUM.html
Microsoft SQL Server supports two kinds of authentication: 1) Windows Authentication 2) SQL Server Authentication SQL Server Authentication is still supported for backward compatibility. SQL Server Authentication is the weaker among the two. In SQL Server Authentication, usernames are sent in the clear, whereas passwords are encrypted using a very simple algorithm. The username and password used for this example is sa/password. The algorithm to encrypt the password is simply to expand every byte of the password to 2 bytes, swap the higher and lower 4 bits within each byte, xor each byte with A5. For example to encrypt the character "p": (ASCII is 70 hex): 70 is expanded to 70 00 After the swap the result is: 07 00 XOR with A5: A2 A5 Hence to decrypt it, we will take the odd bytes, XOR with A5, and swap the higher and lower 4 bits. Take A2 XOR with A5: A2 XOR A5 = 07 Swap: 7 becomes 70.
Hex to ascii converter: http://www.dolcevie.com/js/converter.html
Leave a Reply