Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

[TOOL RELEASE] Exploit Next Generation SQL Fingerprint v.

From: "Nelson Brito" <nbrito () sekure org>
Date: Fri, 8 Oct 2010 13:19:35 -0300
The Exploit Next GenerationR SQL FingerprintT (f.k.a. Microsoft SQL Server
Fingerprint Tool) is a powerful tool which performs version fingerprinting
for:
        1. Microsoft SQL Server 2000;
        2. Microsoft SQL Server 2005; and
        3. Microsoft SQL Server 2008.

The Exploit Next GenerationR SQL FingerprintT (ESF) uses well-known
techniques based on several public tools that are capable to identify the
Microsoft SQL Server version (such as: SQLping and SQLver), but, instead of
showing only the "raw version" (i.e., Microsoft SQL Version 10.00.2746), the
Exploit Next GenerationR SQL FingerprintT shows the mapped Microsoft SQL
Server version (i.e., Microsoft SQL 2008 SP1 (CU5)). 

The strengths of Exploit Next GenerationR SQL FingerprintT are:
        1. It uses both TCP and UDP protocols to determine the Microsoft SQL
version, making it much more reliable than any other public or commercial
tool.
        2. It is capable to identify multiple Microsoft SQL Server instances
and their TCP communication ports.
        3. It does not require any authentication method to identify the
Microsoft SQL Server version.
        4. It uses probabilistic algorithm to identify the Microsoft SQL
Server version, combining both TCP and UDP fingerprint.

The Exploit Next GenerationR SQL FingerprintT can also be used to identify
vulnerable/unpatched Microsoft SQL Server version, and it is based on some
techniques used by Exploit Next GenerationR Compliance Methodology to
perform automated penetration test. The version 1.10.101008/CTP includes
support to identify the following Microsoft SQL Server versions:
        . Microsoft SQL 2008 SP1 (CU5)
        . Microsoft SQL 2008 SP1 (CU6)
        . Microsoft SQL 2008 SP1 (CU7)
        . Microsoft SQL 2008 SP1 (CU8)
        . Microsoft SQL 2008 SP1 (CU9)
        . Microsoft SQL 2008 SP1 (CU10)
        . Microsoft SQL 2008 SP2 CTP
        . Microsoft SQL 2008 SP2
        . Microsoft SQL 2008 R2 RTM
        . Microsoft SQL 2008 R2 (CU1)
        . Microsoft SQL 2008 R2 (CU2)
        . Microsoft SQL 2008 R2 (CU3)

The Exploit Next GenerationR SQL FingerprintT is currently licensed by
GPLv3, but, until I got all the code revised, the source code will not be
available.

It is available @ http://code.google.com/p/esf/.

Please, be nice and wait for the code review!

Best regards.

Nelson Brito
Security Researcher
http://fnstenv.blogspot.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: