Decrypting MS SQL 2000 Stored Procedures

June 19th, 2008 | Posted by shawn | View Comments

I ran across the need to decrypt some stored procedures. I’m writing an interface to a large enterprise application that the company I work for makes. I just want to see the stored procedure code so I could understand what it was doing. Everytime I asked for access to the source code it was like I was asking for emails from the white house. Finally I figured I would just have to go it alone.

So after about 5 minutes of surfing and passing by shareware products, I came across this url, Decrypt encrypted stored procedures.

I took the stored procedure and turned it into a script that would automatically decrypt the stored procedures in a database. One thing this can’t handle is decrypting stored procedures that are > 4000 characters, since they take up more the 1 row in syscomments. So for me I was able to decrypt about half of the 1300 stored procedures this application uses. Also about half the decrypted stored procedures were recreated under the id I was running the script with rather then dbo.

The logic is pretty simple to follow so I think I might spend some time and build a .net app to decrypt the stored procedures that are > 4000 characters. Don’t hold your breath though, with the stored procedures I decrypted and profiler I was figure out what I needed to figure out.

Download: decrypt.vbs

Posted in : possible, sql
Tags: , , , ,

  • Does anyone know if there is another language or set of commands beside SQL for talking with databases?

    I'm working on a project and am doing some research thanks
  • Anthony
    Give it a shot on a test SP. Shoot me an email if you have questions. Cheers.
    -a-
  • Got the script. I'm wishing I had some encrypted sp's on sql 2005 to use it on. It's in my utility belt now so i'll have it if i need it in the future. Thanks.
  • Anthony
    Sent the script, to your email, that creates a SP that decrypts a SP that has been encrypted CREATED or ALTERED "with encryption" in SQL Server 2005. I found it on Google Groups and it seems to only do SP's. I am going to try to alter it to do Views also. Let me know if you didnt get it.
  • I didn't try the script with sql 2005 so it's probably the factor. What did you do to get it working? If you wouldn't mind, email it to shawn@tubejumper.com, I'd love to take a look.
  • Anthony
    Ok, I got it to work. Decrypting that is. I think (but not sure) that the problem I had was I was using a SQL 2005 database. Further Google searches revealed this thread:

    http://groups.google.com/group/microsoft.public...

    For now, this works good for me. My sprocs arent greater then 4K.

    Thanks for putting up with me! :-)
  • Anthony
    Hello Shawn, I see.... I am logging in with "sa" and have full rights. Its a development DB and I am the only developer on this (now) as the other developer has left, and left me with encrypted sprocs.

    I will restore and then try to run this script once, halting it where it has decrypted the sproc and hopefully I can see what its about to replace (on that delete and create step).
  • It might be do to the rights given to the id your connecting to sql with. If it doesn't have the right to create sp's then these tools will not work.

    There is no function in sql that will unencrypt the sp's. What the tools do is decrypt them in memory and then recreate them again by deleting and running the create sp comand with the contents unencrypted.

    Hope that makes sense and not circular.
  • Anthony
    Didnt work. :-( The script simply deleted all of the stored procedures, those the messages seemed to indicate that it ran OK.

    spACCOUNT_Delete - Decrypted
    spACCOUNT_Update - Decrypted
    spACCOUNT_Insert - Decrypted
    spACCOUNT_Copy - Decrypted

    and so on.. 150+ SP's deleted.

    I will have to restore. Why would it delete them. There were no signs of them anywhere, just the sp_decrypt_sp that was being called to decrypt...

    Oh well. Almost every solution I've tried simply deletes the SP and doesnt decrypt them.
  • Anthony
    OK, cool. I will give this a try. Thanks so much!
  • I ran the script at the command line using cscript.exe, which should be on all win xp sp2 installs. It's setup using a trusted connection, but you can modify the connstring variable if you need to use a sql login. Just replace Trusted_Connection=yes with uid=id;pwd=password for sql login.
  • Anthony
    Forgot to ask, did you run that from the command line as a WSH script? I am not familiar with that but shall attempt.
  • Anthony
    Where/how did you run the VBS file? From what development environment? I would like to give this a try too.

    Thanks!
blog comments powered by Disqus

Popular Post

Latest Post