akde/infosec

Information security is ultimately about managing risk

1433 MSSQL

Port Checklists

Checklist, MSSQL

Enumeration

Mandatory

Determine version:
nmap -p 445 --script ms-sql-info $target
If credentials are known:
1. Try to connect to the DB (alternative: IntelliJ, …):
  sqsh -U sa -P $password -S $target:1433
2. Try to execute commands:
  msf> use auxiliary/admin/mssql/mssql_exec msf> use windows/mssql/mssql_payload
  1. If mssql_exec doesn’t work, take care of domain/username and powershell.exe ‑command type system.

Optional

Brute-force login (e.g. with msf> use scanner/mssql/mssql_login).

Leave a Reply Cancel reply

You must be logged in to post a comment.

About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.

Checklists

Categories

Checklists: Ports

python -c 'import pty;pty.spawn("/bin/bash")';

python3 -c 'import pty;pty.spawn("/bin/bash")';