Metasploit mailing list archives
Re: mssql_enum bug
From: Robin Wood <robin () digininja org>
Date: Tue, 24 Jan 2012 18:21:45 +0000
On 24 January 2012 18:06, Robin Wood <robin () digininja org> wrote:
Everything is set correctly and Nessus reported the install as having a blank sa password but I get this error, same with mssql_sql. Robin msf auxiliary(mssql_enum) > show options Module options (auxiliary/admin/mssql/mssql_enum): Name Current Setting Required Description ---- --------------- -------- ----------- PASSWORD no The password for the specified username RHOST 10.21.5.23 yes The target address RPORT 1433 yes The target port USERNAME sa no The username to authenticate as USE_WINDOWS_AUTHENT false yes Use windows authentification msf auxiliary(mssql_enum) > run [*] Running MS SQL Server Enumeration... [-] Auxiliary failed: EOFError EOFError [-] Call stack: [-] /Users/robin/src/msf/lib/rex/io/stream.rb:202:in `get_once' [-] /Users/robin/src/msf/lib/msf/core/exploit/mssql.rb:261:in `mssql_send_recv' [-] /Users/robin/src/msf/lib/msf/core/exploit/mssql.rb:350:in `mssql_prelogin' [-] /Users/robin/src/msf/lib/msf/core/exploit/mssql.rb:388:in `mssql_login' [-] /Users/robin/src/msf/lib/msf/core/exploit/mssql.rb:640:in `mssql_login_datastore' [-] /Users/robin/src/msf/modules/auxiliary/admin/mssql/mssql_enum.rb:37:in `run' [*] Auxiliary module execution completed
I just tried to connect to this with the MS SQL Enterprise Manager 2008 and that tells me that it can only connect to servers with version 2000 or above, looking at a process list on the machine SQL Server is running from c:\MSSQL7 so I'd guess it is version 7. I wonder if you can catch that it is this early version and do a nice fail rather than just catch the exception and say couldn't connect. Robin Robin _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- mssql_enum bug Robin Wood (Jan 24)
- Re: mssql_enum bug Robin Wood (Jan 24)
- Re: mssql_enum bug HD Moore (Jan 24)
- Re: mssql_enum bug Robin Wood (Jan 24)
- Re: mssql_enum bug HD Moore (Jan 24)
- Re: mssql_enum bug Robin Wood (Jan 24)