Penetration Testing mailing list archives
RE: MS SQL Server
From: Michael Gargiullo <mgargiullo () pvtpt com>
Date: Sat, 17 Sep 2005 11:06:42 -0400
You have access to the data files themselves. Why not download a copy and import them on a local copy of SQL Server?

Or grab the SAM from this local box and run it through LC5 to see if you can grab the SQL Server user's username and password. I say this because, if they were savvy enough to remove the local admin access to SQL Server, they probably did the right thing and created a user that the server runs as.

Or use this machine as a springboard to attack the AD.

-----Original Message-----
Hey All,

Ok, so here's the deal: I've managed to compromise a Win2k server at a client's site, and this also has their Peoplesoft and Remedy databases on it, running on MS SQL 2000. I have been able to successfully add myself to the local Administrators group, and can now TS into the box in question. I have absolutely no rights on the SQL server though, so any pointers here would be greatly appreciated!

I found a backup of the Remedy db, and by setting up a SQL server on one of my machines managed to restore it, and I now have access to that, thanks to a load of MS SQL howtos online, but I am more concerned about getting the Peoplesoft db data, but no such joy with finding backups lying around.

Ideally I would like to try and avoid commercial tools, but as far as compromising a SQL server, I've never done it before, and could do with any help that I can get here.

TIA

xyberpix