Nmap Development mailing list archives

Re: [NSE] Microsoft SQL Server (MSSQL) library and scripts


From: David Fifield <david () bamsoftware com>
Date: Thu, 1 Apr 2010 21:48:10 -0600

On Thu, Apr 01, 2010 at 12:20:05PM -0600, David Fifield wrote:
> On Sun, Mar 28, 2010 at 11:18:17AM +0200, Patrik Karlsson wrote:
> > I've corrected a few mistakes in the MSSql scripts, such as the name
> > of the service and some inconsistencies in output.
> > The column names are now underlined with '=' for clarity. Don't know
> > if that was the "best" character to use, but it's easy to change.
>
> I'm going to follow up with thoughts on combining some of the scripts.

So, after looking over the scripts I've come to the same conclusion as
Fyodor in http://seclists.org/nmap-dev/2010/q1/1023, namely that

mssql-databases
mssql-linked-servers
mssql-sp-configure
mssql-tables

are the best candidates to be combined. mssql-databases,
mssql-linked-servers, mssql-sp-configure, and mssql-query are very
similar, basically just doing different queries. I think mssql-query
should remain on its own because it can be controlled with a script
argument. mssql-tables is not as similar as these others by this simple
metric, but it still seems pretty close to mssql-databases. mssql-tables
is the only one I'm not sure about; what do you think?

I want to see what people think about the method used by
mssql-hasdbaccess. It creates a table, stores access data in it, selects
from the table, then drops the table. I guess this could be harmful if
there's an existing table called #hasdbaccess. This is what it does:

CREATE table #hasaccess(dbname varchar(255), owner varchar(255),
        DboOnly bit, ReadOnly bit, SingelUser bit, Detached bit,
        Suspect bit, Offline bit, InLoad bit, EmergencyMode bit,
        StandBy bit, [ShutDown] bit, InRecovery bit, NotRecovered bit );
INSERT INTO #hasaccess EXEC sp_MShasdbaccess;
SELECT TOP 5 dbname, owner FROM #hasaccess
        WHERE dbname NOT IN ('master', 'tempdb', 'model', 'msdb');
DROP TABLE #hasaccess;

I'm not sure this script is useful enough for this amount of
intrusiveness, but maybe I just don't know. What can someone do with the
information provided by mssql-hasdbaccess?

David Fifield