Skip to content

Goultarde/hex2sid

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
__pycache__
__pycache__
 
 
hex2sid.egg-info
hex2sid.egg-info
 
 
LICENSE
LICENSE
 
 
MANIFEST.in
MANIFEST.in
 
 
README.md
README.md
 
 
hex2sid.py
hex2sid.py
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

MSSQL SID Converter

A specialized tool for security researchers and penetration testers to convert hexadecimal SID values (often encountered during MSSQL enumeration) into the standard human-readable Windows Security Identifier (SID) format.

During Active Directory assessments, MSSQL queries often return SIDs in a raw binary format (e.g., 0x01050000...). This tool automates the decoding of the Revision, Identifier Authority, and Sub-authorities (RIDs).

Features

  • Single Conversion: Convert a single hex string directly from the CLI.
  • Bulk Processing: Process a list of hex SIDs from a text file.
  • Direct MSSQL Connection: Retrieve SIDs directly from MSSQL servers using impacket (no need for nxc/netexec).

Installation

Via pipx (recommandé)

pipx install git+https://github.com/Goultarde/hex2sid

Via pip

pip install git+https://github.com/Goultarde/hex2sid

Installation manuelle

Clone the repository and make the script executable:

git clone https://github.com/Goultarde/hex2sid
cd hex2sid
chmod +x hex2sid.py
pip install -e .

Note: The tool requires impacket which will be installed automatically as a dependency.

Usage

Help Menu

hex2sid --help
# ou si installé manuellement:
python3 hex2sid.py --help

Convert a single hex SID

hex2sid 0x010500000000000515000000b9b39f9b3fa63e5ea8d050a1290a0000
# ou si installé manuellement:
python3 hex2sid.py 0x010500000000000515000000b9b39f9b3fa63e5ea8d050a1290a0000

Output: S-1-5-21-2610931641-1581164095-2706362536-2601

Convert from a file

hex2sid -f sids.txt
# ou si installé manuellement:
python3 hex2sid.py -f sids.txt

Retrieve SIDs directly from MSSQL server

The tool can now connect directly to MSSQL servers using impacket, eliminating the need for nxc/netexec:

# SQL Server authentication
hex2sid --mssql 192.168.1.100 -u sa -P Password123

# Windows authentication with domain
hex2sid --mssql 192.168.1.100 -u user -P pass -d DOMAIN

# Using NTLM hashes
hex2sid --mssql 192.168.1.100 -u user -H aad3b435b51404eeaad3b435b51404ee:...

# Custom port
hex2sid --mssql 192.168.1.100 -p 1434 -u sa -P Password123

# Custom SQL query
hex2sid --mssql 192.168.1.100 -u sa -P Password123 -q "SELECT name, master.dbo.fn_varbintohexstr(sid) AS sidhex FROM sys.server_principals WHERE name LIKE '%admin%';"

Output example:

[+] Connexion établie à 192.168.1.100:1433
[+] Exécution de la requête SQL...

[+] 5 SID(s) trouvé(s):

Nom                           SID Hex                                             SID Formaté
----------------------------------------------------------------------------------------------------
sa                            0x010500000000000515000000b9b39f9b3fa63e5ea8d050a1290a0000  S-1-5-21-2610931641-1581164095-2706362536-2601
...

Practical Example

Old method (using nxc/netexec):

nxc mssql "$IP" -u "$USER" -p "$PASSWORD" -q 'SELECT name, master.dbo.fn_varbintohexstr(sid) AS sidhex FROM sys.server_principals;' | grep 'sidhex:' | cut -d':' -f2 | awk 'length($1) > 20' > hex.txt
python3 hex2sid.py -f hex.txt

New method (direct connection with impacket):

hex2sid --mssql "$IP" -u "$USER" -P "$PASSWORD"

About

A lightweight Python utility to convert binary/hexadecimal SIDs (extracted from MSSQL via NetExec or SQL queries) into human-readable Windows SID format (S-1-5-21-...).

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages