Nmap Development mailing list archives

[NSE] new script ms-sql-dac


From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 10 Jul 2012 12:39:00 +0200

Hi all,

I just committed a new script called ms-sql-dac which tries to detect the
DAC (Dedicated Admin Connection) port for SQL Server instances.
I first put the script in the default category as it does not return
extensive information or send a lot of data over the network.
I then removed it even after I re-wrote the discovery to run in parallel
against all discovered instances.
My reasoning was that it would add 5 seconds to each scan where the script
could retrieve the instances but at least one of them would NOT have remote
DAC set up.
The reason being that the script would have to wait for a timeout of the
response.

I'm attaching the script description, in case someone is curious about what
the DAC is:
"Queries the Microsoft SQL Browser service for the DAC (Dedicated Admin
Connection) port of a given, or all SQL Server instances. The DAC port is
used to connect to the database instance when normal connection attempts
fail, for example, when server is hanging, out of memory or in other bad
states. In addition, the DAC port provides an admin with access to system
objects otherwise not accessible over normal connections.

The DAC feature is accessible on the loopback adapter per default, but can
be activated for remote access by setting the 'remote admin connection'
configuration value to 1. In some cases, when DAC has been remotely enabled
but later disabled, the sql browser service may incorrectly report it as
available. The script therefore attempts to connect to the reported port in
order to verify whether it's accessible or not"

Cheers,
Patrik
-- 
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
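
The two-step check from the script description above, as an added Python example for auditing your own servers; it is not part of the original post and is not the ms-sql-dac script's code. The message layout follows Microsoft's SQL Server Resolution Protocol specification (MC-SQLR); the function names, the sample bytes and the 5-second default timeout are assumptions made for this example.

```python
import socket
import struct

SQL_BROWSER_PORT = 1434  # UDP port of the SQL Server Browser service

def build_dac_request(instance):
    # CLNT_UCAST_DAC: opcode 0x0F, protocol version 0x01, NUL-terminated name
    return b"\x0f\x01" + instance.encode("ascii") + b"\x00"

def parse_dac_response(data):
    """Return the DAC TCP port from a SVR_RESP (DAC) message, else None."""
    if len(data) != 6:
        return None
    # opcode (1 byte), RESP_SIZE (uint16 LE), version (1 byte), port (uint16 LE)
    opcode, size, version, port = struct.unpack("<BHBH", data)
    if opcode != 0x05 or size != 6 or version != 0x01 or port == 0:
        return None  # malformed reply, or port 0 which cannot be connected to
    return port

def query_dac_port(host, instance, timeout=5.0):
    """Ask the Browser service which port it reports for the instance's DAC."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_dac_request(instance), (host, SQL_BROWSER_PORT))
            data, _ = s.recvfrom(64)
        except OSError:  # no answer within the timeout, or network error
            return None
    return parse_dac_response(data)

def dac_reachable(host, port, timeout=5.0):
    """The Browser may report a stale port, so confirm with a TCP connect."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def audit_dac(host, instance, timeout=5.0):
    port = query_dac_port(host, instance, timeout)
    reachable = port is not None and dac_reachable(host, port, timeout)
    return {"instance": instance, "reported_port": port, "reachable": reachable}

# Constructed sample reply: opcode 0x05, size 6, version 1, port 1434 (0x059A LE)
SAMPLE_RESPONSE = bytes.fromhex("050600019a05")
```

A result with a reported port but `reachable` set to False corresponds to the stale-report case the description mentions, where remote DAC was enabled and later disabled.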

