Apparently Outsystems has a kind of security through obscurity (link1, link2) by not saying things which have nothing to do with intrusion or whatever to client servers per se. If it is easy, then obscuring how the password encryption/hashing is done, will not at all help them.
Anyway; someone asked me to change the servicecenter password as they could no longer log into their servicecenter via web or studio. They did have access to the MS-SQL server running their software.
What you need is at least one application account in one of the applications running on the server of which you actually know what the password is.
The passwords are salted hashes (MD5 they say in the forums but it doesn’t look like a salted MD5) so you can just replace one hash with another in the database.
Either connect via MS-SQL directly via SQL Server Management Studio or fire it up in MSTSC and run query:
select PASSWORD from dbo.ossys_User where USERNAME=’admin’;
and change the name of ‘admin’ to the user you actually know the password of. Copy the PASSWORD and save it somewhere.
Run the following query:
select * from dbo.ossys_User where USERNAME=’admin’;
With the correct hash and ID.