assword
> brute-force attack. We have the required code in place, see issue
> #34[3] and will soon close the whole thing.
>
> However, OPENROWSET is enabled by default on MSSQL 2000. From MSSQL
> 2005 RTM it is disabled by thereforce, hence either the database
> administrator has
there is a way for bruteforce the SA password using SQL INJECTION?
this is the Scenario. it is a DataBase Server (Sql Server 2008) without
access to the internet (it has the 1433 port blocked),
the current user is a normal user (low privileges User). cannot get SA hash
password.
the question is,
