Penetration Testing mailing list archives
SQL Server Scan
From: pma111 <pmaneedham () hotmail com>
Date: Thu, 23 Jul 2009 03:54:01 -0700 (PDT)
Does anybody know of any SQL Server Vulnerability Scanner / tools that can be used (SQL Serv 2000)(enumate weak passwords, enumerate the various DB names, enumerate SIDS -- if thats what they are called outside Oracle, identify blank SA passwords, identify the key vulnerabilities etc)... I have the IP of the SQL Server, and can run the testing interally within the Network... Any pointers welcome... I am trying to demonstrate how easy it is to get on a DB on the Server by sitting on the Network, to demonstrate a threat from within... -- View this message in context: http://www.nabble.com/SQL-Server-Scan-tp24623425p24623425.html Sent from the Penetration Testing mailing list archive at Nabble.com. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- SQL Server Scan pma111 (Jul 23)
- Re: SQL Server Scan daniel svartman (Jul 23)
- Message not available
- Re: SQL Server Scan YEHG Group (Jul 23)
- Message not available
- Re: SQL Server Scan daniel svartman (Jul 23)
- Re: SQL Server Scan Kvetch (Jul 23)
- Re: SQL Server Scan Adriel T. Desautels (Jul 24)
- RE: SQL Server Scan Syed Khaden (Jul 24)
- Re: SQL Server Scan τ∂υƒιφ * (Jul 24)
- Re: SQL Server Scan Robin Wood (Jul 24)