Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Vulnerability Development: PERL based MS-SQL username/password checker

PERL based MS-SQL username/password checker

From: RT <roelof_at_sensepost.com>
Date: Fri, 9 Nov 2001 01:37:18 +0000 (GMT)

Ppl,

Always wanted a PERL based script that could test for usernames and passwords
on MS-SQL (1433)? Test for blank SA passwords etc..? Let it roam inside a
private net? Open source..modify and have fun...turn it into a brute forcer -
whatever...

Enjoy.
Roelof.

PS: found a way to DOS the service as well. Mail was sent to M$. Let's see what
they come up with. Fiddle with the space allocated to the username and
password... Eeye might even come up with a sweet buffer overflow..who knows??

------------------------------------------------------
Roelof W Temmingh SensePost IT security
roelof_at_sensepost.com +27 83 448 6996
http://www.sensepost.com http://www.hackrack.com

Received on Nov 08 2001
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]