Re: [NSE] ms-sql scripts and library updates merged

[Chris Woodbury <woodbusy () gmail com>]

And just so it's clear to all, "integrated authentication" is *Windows*
authentication, which I think is one of the best features we added. That
means the NSE scripts can log on to a SQL Server using Windows
credentials (with logon rights), without having to have SQL Server
credentials. So, a Windows administrator (or someone with the
administrator's credentials) whose credentials have sysadmin rights (which
is the default in most cases) to all of the SQL Servers in a domain could
use the NSE scripts with those credentials to access all of the SQL Servers!
Previously, the ms-sql-* scripts could authenticate with SQL Server logins,
which are often unique to each instance.

-chris

On Sat, Feb 26, 2011 at 4:50 PM, Patrik Karlsson <patrik () cqure net> wrote:

> Hi all,
>
> I just merged the work Chris Woodbury and I have been doing on the ms-sql
> branch.
> In short it includes the following changes (I've probably forgot something
> as the changes were quite big):
>  - Improved version detection
>  - Improved server discovery
>  - Add support for named pipes
>  - Add support for integrated authentication
>  - Add support for connecting to instances by name or port
>  - Improved script and library stability
>  - Improved script and library documentation
>
> Apart from the ms-sql library and scripts it includes the addition of named
> pipes support to the smb.lua library.
>
> //Patrik
> --
> Patrik Karlsson
> http://www.cqure.net
> http://www.twitter.com/nevdull77
>
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/