Penetration Testing mailing list archives
Re: MS SQL Server
From: "Jeroen" <jeroen () isvet nl>
Date: Fri, 16 Sep 2005 19:40:30 +0200
xyberpix wrote: <SNAP>
I have been able to successfully add myself to the local Administrators group, and can now TS into the box in question. I have absolutely no rights on the SQL server though, so any pointers here would be greatly appreciated!
Hi xyberpix, Most of the time, MSSQL-boxes use a "hybrid" authentication model; a combination of SQL authentication and NT authentication is used. So probably you can already connect to the database. The easiest ways to check: - start isql.exe while logged on as an Administrator; - install and start the MSSQL enterprise manager on _a_ box and connect to the MSSQL-box you've found using NT credentials. Enterprise manager makes it possible to view databases, data and to maintain them (backups etc.). If they use MSSQL authentication only: - try user SA with a blank password (*lol*); - run a pwdump on the NT-box and crack the password of the users found (LC5/rainbowtables). Most of the time found logon names and passwords are also used on SQL. Have fun and please let us know how the story ended ;) Greets, Jeroen ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- MS SQL Server xyberpix (Sep 16)
- Re: MS SQL Server Jeroen (Sep 16)
- <Possible follow-ups>
- RE: MS SQL Server Beauford, Jason (Sep 16)
- Re: MS SQL Server Thor (Hammer of God) (Sep 18)
- RE: MS SQL Server Derick Anderson (Sep 16)
- Re: MS SQL Server cscguy80 (Sep 18)
- RE: MS SQL Server Michael Gargiullo (Sep 19)