MSSQL Server

[prabhatxsharma at yahoo.com (Prabhat Sharma)]

Hi Matt,
    You may be right. There is one more thing that I
would like to tell. The machines which continued to
work repeatedly were using MSDE 2000 and the other
machine which worked only once was using MS SQL Server
2000.
    Could there be a problem with the OS I am using.
There was another instance when msrpc exploit did not
work on a machine when I was using it from windows xp.
But when I used linux as my OS it worked perfectly all
right. My machine has only 128 MB Ram and it is very
sluggish with X on linux so I use winbloze.

Regards,
Prabhat

--- mmiller at hick.org wrote:

> On Fri, Oct 08, 2004 at 11:08:43PM -0700, Prabhat
> Sharma wrote:
> > Hi Matt, Framework,
> >      Once I got the shell I did not run any
> commands
> > other than a dir command to list the files in the
> > directory and then I exited from the shell.
>
> Note the message that is displayed by the exploit:
>
>    Execute 'net start sqlserveragent' once access is
> obtained
>
> The reason it is telling you to do this (I assume)
> is that you
> may not, or likely will not, be able to exploit the
> service again since it
> will have crashed and not have been restarted.  This
> is why it tells you
> to run the command when you gain access (such that
> you don't have the
> problem that you are currently experiencing).



                
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail