Metasploit mailing list archives
MSSQL Server
From: prabhatxsharma at yahoo.com (Prabhat Sharma)
Date: Fri, 8 Oct 2004 23:25:26 -0700 (PDT)
Hi Matt, You may be right. There is one more thing that I would like to tell. The machines which continued to work repeatedly were using MSDE 2000 and the other machine which worked only once was using MS SQL Server 2000. Could there be a problem with the OS I am using. There was another instance when msrpc exploit did not work on a machine when I was using it from windows xp. But when I used linux as my OS it worked perfectly all right. My machine has only 128 MB Ram and it is very sluggish with X on linux so I use winbloze. Regards, Prabhat --- mmiller at hick.org wrote:
On Fri, Oct 08, 2004 at 11:08:43PM -0700, Prabhat Sharma wrote:Hi Matt, Framework, Once I got the shell I did not run anycommandsother than a dir command to list the files in the directory and then I exited from the shell.Note the message that is displayed by the exploit: Execute 'net start sqlserveragent' once access is obtained The reason it is telling you to do this (I assume) is that you may not, or likely will not, be able to exploit the service again since it will have crashed and not have been restarted. This is why it tells you to run the command when you gain access (such that you don't have the problem that you are currently experiencing).
__________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
Current thread:
- MSSQL Server Prabhat Sharma (Oct 08)