Re: Microsoft SQL Server fingerprints for SQL 2000 and 2005

[Tom Sellers <nmap () fadedcode net>]

Thomas Buchanan wrote:
> Tom,
>
> Thanks for the excellent information.  I've done a little testing on SQL
> Server in the past, and never knew about this.  
>
> > If it would be more efficient, the major version match lines
> > can be added and I will look into creating a lua script that
> > will query the port, extract the version and generate detailed
> > information.
>
> I've actually written a NSE script that targets Microsoft SQL server,
> and that's included in nmap-4.50 and newer (MSSQLm.nse).  I'd be happy
> to take the information you provided and try and work it into that
> script.  I think it would be an excellent addition, as the current
> script relies on UDP probes to extract information, which as you
> indicated are not accurate for newer releases of SQL 2000.  It'll
> probably be a few days before I have much time to work on it, but I
> wanted to go ahead and make the offer.
>
> Thanks again,
>
> Thomas

That would be great!  It makes sense to me to have it all in one
script.  If I did it I would pretty much be learning lua as I go.  If
you wrote the script it would likely result in a much better script
and much sooner.  ;)

Let me know if there is anything I can do to assist with this process.

Thanks much,

Tom Sellers

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org