Nmap Development mailing list archives
[NSE] new script ms-sql-dac
From: Patrik Karlsson <patrik () cqure net>
Date: Tue, 10 Jul 2012 12:39:00 +0200
Hi all,

I just committed a new script called ms-sql-dac which tries to detect the DAC (Dedicated Admin Connection) port for SQL Server instances. I first put the script in the default category as it does not return extensive information or send a lot of data over the network. I then removed it even after I re-wrote the discovery to run in parallel against all discovered instances. My reasoning was that it would add 5 seconds to each scan where the script could retrieve the instances but at least one of them would NOT have remote DAC set up. The reason being that the script would have to wait for a timeout of the response.

I'm attaching the script description, in case someone is curious about what the DAC is:

"Queries the Microsoft SQL Browser service for the DAC (Dedicated Admin Connection) port of a given, or all SQL Server instances. The DAC port is used to connect to the database instance when normal connection attempts fail, for example, when server is hanging, out of memory or in other bad states. In addition, the DAC port provides an admin with access to system objects otherwise not accessible over normal connections.

The DAC feature is accessible on the loopback adapter per default, but can be activated for remote access by setting the 'remote admin connection' configuration value to 1. In some cases, when DAC has been remotely enabled but later disabled, the sql browser service may incorrectly report it as available. The script therefore attempts to connect to the reported port in order to verify whether it's accessible or not."

Cheers,
Patrik

--
Patrik Karlsson
http://www.cqure.net
http://twitter.com/nevdull77
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
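The check described in the message above, as an added example for auditing your own SQL Server hosts (not the ms-sql-dac script and not code from the poster). It assumes the SQL Browser message layout from Microsoft's SQL Server Resolution Protocol specification (MC-SQLR); the function names, the sample reply bytes and the 5-second connect timeout are constructed for illustration.

```python
import socket
import struct

CLNT_UCAST_DAC = 0x0F    # MC-SQLR request type: "what is this instance's DAC port?"
SVR_RESP = 0x05          # MC-SQLR response type
PROTOCOL_VERSION = 0x01

# Constructed sample reply: type 0x05, size 0x0006, version 0x01, port 1434 (little-endian).
SAMPLE_REPLY = bytes.fromhex("050600019a05")


def build_dac_request(instance: str) -> bytes:
    """Datagram sent to the SQL Browser service: type, version, NUL-terminated name."""
    name = instance.encode("ascii")
    if not name:
        raise ValueError("instance name must not be empty")
    return bytes([CLNT_UCAST_DAC, PROTOCOL_VERSION]) + name + b"\x00"


def parse_dac_response(data: bytes):
    """Return the advertised DAC TCP port, or None if this is not a valid DAC reply."""
    if len(data) != 6:
        return None
    kind, size, version, port = struct.unpack("<BHBH", data)
    if kind != SVR_RESP or size != 6 or version != PROTOCOL_VERSION or port == 0:
        return None
    return port


def tcp_reachable(host: str, port: int, timeout: float = 5.0) -> bool:
    """Confirm the advertised port actually accepts a TCP connection."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def classify(host: str, reply: bytes, check=tcp_reachable):
    """Separate a stale SQL Browser report from a DAC port that is really exposed."""
    port = parse_dac_response(reply) if reply else None
    if port is None:
        return ("not-advertised", None)
    if check(host, port):
        return ("remote-dac-reachable", port)
    return ("advertised-but-unreachable", port)
```

An "advertised-but-unreachable" result corresponds to the case in the script description where remote DAC was enabled and later disabled but the browser service still reports the port.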