Re: MS-SQL banners

[Nicolas Gregoire <ngregoire () exaprobe com>]

04/04/2002 17:35:54, -l0rt- <simon () snosoft com> wrote :

> What is this for?
>
> On Wed, 3 Apr 2002 nicob () nicob net wrote :
>
> > I'm actually collecting the differents strings send by
> > MS-SQL servers during the authentification phase.
> > I want to collect as much banners as possible, for
> > differents versions (6.5, 7.0, 2K, ...) and languages
> > (french, spanish, english, japanese, ...).

I've received several mails about my previous post and I think that I 
need to make a clarification about my goals.

First of all, there isn't any social engineering attempt here !

My main goal is to be able to identify a unique string which can be used 
in vulnerability assessement software in order to check for a successfull 
MS-SQL login, for all versions and languages.

As far as I know, current VA softwares don't check very well for vulns on 
these localized daemons.

Many thanks to those who already send me MS-SQL banners, but I need 
a lot more :)


Regards,

Nicob