Hi Juan,
master.dbo.xp_execresultset is a stored extended procedure available
on Microsoft SQL Server 2000. It is not availabe on MSSQL 2005/2008
onwards by default, hence the error message and the DBA brute force
attack fails.
Bernardo
On 24 July 2012 14:26, juan molina wrote:
> I was trying
Hi Juan
I'm not convinced it's due to either of your suggestions.
If openrowset is disabled, you'll get an error message that begins
something like:
SQL Server blocked access to STATEMENT 'OpenRowset/OpenDatasource' of
component 'Ad Hoc Distributed Queries' because this component is turned off
a
I was trying sqlninja.
this is the query it use for bruteforce SA password with 1 character
(numbers and letters).
declare @p nvarchar(99),@z nvarchar(10),@s nvarchar(99), @a int, @q
nvarchar (4000) set @a=1 set @s=N'abcdefghijklmnopqrstuvwxyz0123456789'
while @a<37 begin set @p=N'' set @z = subs
Hi Juan,
Microsoft SQL Server has a built-in function called OPENROWSET to
query another DBMS (or the DBMS itself). Back in 2002 Chris Anley
released a paper demonstrating how to abuse this function to perform a
DBMS user's password brute-force attack within the MSSQL instance. A
few years later t
Hi Juan
If openrowset is enabled then it's possible to attack with a wordlist.
This was disabled by default after sql server 2000 though, so it'd have to
be enabled.
Chris
On 20 July 2012 12:14, juan molina wrote:
> there is a way for bruteforce the SA password using SQL INJECTION?
>
> this is
there is a way for bruteforce the SA password using SQL INJECTION?
this is the Scenario. it is a DataBase Server (Sql Server 2008) without
access to the internet (it has the 1433 port blocked),
the current user is a normal user (low privileges User). cannot get SA hash
password.
the question is,
