Bugtraq mailing list archives
MS-SQL 'sa' password exploit code
From: herbless () HUSHMAIL COM
Date: Tue, 15 Aug 2000 20:28:11 +0000
It would appear that the code got mangled in transit.... 2nd attempt. Attached is the C code tarred and gzipped. The program is a command-line interface for MS-SQL servers that will allow you to execute commands on the underlying operating system, execute SQL queries and upload files to the remote server. It logs in with the default password (changeable) and includes a built-in scanner for finding unsecured hosts on your network. It has been written for Linux and requires the freeTDS library available from http://www.freetds.org --herbless
Attachment:
linsql.tar.gz
Description:
Current thread:
- MS-SQL 'sa' password exploit code herbless (Aug 16)