... Sniff the network to obtain SQL traffic (non-SSL of course!) Gain access to the machine and steal the hashes Decrypting these the hard way: Pen Testing Databases by Michael T. Raggo, CISSP, NSA-IAM, ... ‘Trusted Root Certificate Store’ (Do not trust the certificate wizard to automatically place it in the right place – manually place the certificate)SQL Server Security Whitepapers and Sites• ... http://myserver/certsrv and click ‘Retrieve the CA certificate or certificate revocation list’ Click ‘Download CA certificate’ Open the certificate, click ‘Install Certificate’ and install it in the ‘Trusted...