Penetration Testing mailing list archives

Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services

From: Andres Riancho <andres.riancho () gmail com>
Date: Tue, 07 Jun 2005 23:41:40 -0300

If they have a web site online , and also a mssql i guess that the webuses some of the database content. I would try some SQL Injection ontheir site.


Cheers,

Andres Riancho

Hugo Vinicius Garcia Razera wrote:

Hi every one, I'm doing a pen test on a client, and have found that he
have a windows 2003 server box on one segment of his public addresses
this is his dns/web/mail server:

- mssql :1433
- terminal services :3389
- iis 6 :80
- smtp :25
- pop3 :110
- dns : 53
- ftp : filtered

ports opened, i logged on the terminal services port whit the winxp
remote desktop utility and it connects perfectly.

i tried a dictionari atack on mssql server whit the "sa" account and
others user names i collected.
Hydra from THC was the tool, but no succes on this atack.
also tried the tsgrinder for terminal services , but no success.


well here come some questions:

- What others Usernames should i try for sql and terminal services?
 i tried whit "sa" for sql and "Administrator" for TS

- Any one knows how could i identify what version of sql server is running.
- What other services of this host can be exploited?

any comments, ideas, suggestions would be greatly appreciated.

Hugo Vinicius Garcia Razera

Current thread:

pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Hugo Vinicius Garcia Razera (Jun 07)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Kevin Reiter (Jun 07)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Aaron Oh (Jun 07)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Chip Andrews (Jun 07)
  - RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Sash (Jun 08)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Andres Riancho (Jun 07)
  - Injecting commands into a mainframe through a servlet Frederic Charpentier (Jun 08)
    - RE: Injecting commands into a mainframe through a servlet Jason Muskat (Jun 08)
  - RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Leandro Reox (Jun 09)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Tomasz Piotr Palarz (Jun 09)
  - Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Hugo Vinicius Garcia Razera (Jun 10)
- <Possible follow-ups>
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Geoff Varosky (Jun 07)
- Re: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services mike king (Jun 07)
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services Erik Pace Birkholz (Jun 09)
- RE: pen-test on a windows 2003 server box whit MS-SQL and Terminal Services DUBRAWSKY, IDO (CALLISMA) (Jun 09)
  - Message not available
    - SQL injection Faisal Khan (Jun 09)

(Thread continues...)