Write a batch script and use a commandline client to connect.
SQL Server brute forcing?
Hi guys,
I have a simple but important question.
I'm performing a pentest to one specific server and discovered with nessus that SQL server is running on the 1433 port. The remote SQL Server version is 9.0.4035.0
I've tried to connect to it using the default accounts: (sa/'sa' & sa/'blank password'), from a windows box with SQL Client installed but had no success.
What would you guys recommend as an alternative. I'm thinking about bruteforcing it, but what would be the most appropriate/effective way to do that, considering I've never done it before?
Also, what application would you recommend? Hydra?
Thanks for the patience and for the newbie question.
sl33p
Write a batch script and use a commandline client to connect.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
Agree. I think that would be the best way to do it.Originally Posted by thorin
Obviously if account lockout in setup for said account, it's not going to work.
thanks guys, I'll try to do the .bat and run it using SQLCMD.
As a note, the following example illustrates how to connect to a named instance of the SQL Server using Hostname and PORT number.
Font: GoogleC:\Program Files\Microsoft SQL Server\90\Tools\Binn>
SQLCMD -Stcp:HOME,7005 -Usa -P********
*where Home is the hostname, 7005 is the PORT number of the named instance SQLEXPRESS.
Guess it's gonna work.
sl33p
You should download sqlping and give it a small username and password dictionary:
Free Tools
William
Posting Permissions