Subscribe to Hacking Truths. Now, 14031 members!      RSS Feed Be Our Fan on Facebook Twitter SMS Alerts

Home » Hardcore Hacking, Server Hacking

Top 10 Tricks to exploit SQL Server Systems

12 January 2008 8 Comments Posted By Ashik
StumbleUpon.com
Share

3. Enumerating the SQL Server Resolution Service

Running on UDP port 1434, this allows you to find hidden database instances and probe deeper into the system. Chip Andrews’ SQLPing v 2.5 is a great tool to use to look for SQL Server system(s) and determine version numbers (somewhat). This works even if your SQL Server instances aren’t listening on the default ports. Also, a buffer overflow can occur when an overly long request for SQL Servers is sent to the broadcast address for UDP port 1434.

4. Cracking SA passwords

Deciphering SA passwords is also used by attackers to get into SQL Server databases. Unfortunately, in many cases, no cracking is needed since no password has been assigned (Oh, logic, where art thou?!). Yet another use for the handy-dandy SQLPing tool mentioned earlier. The commercial products AppDetective from Application Security Inc. and NGSSQLCrack from NGS Software Ltd. also have this capability.

5. Direct-exploit attacks

Direct attacks using tools such as Metasploit, shown in Figure 2, and its commercial equivalents (CANVAS and CORE IMPACT) are used to exploit certain vulnerabilities found during normal vulnerability scanning. This is typically the silver-bullet hack for attackers penetrating a system and performing code injection or gaining unauthorized command-line access.

Figure 2: SQL Server vulnerability exploitable using Metasploit’s MSFConsole.

Popularity: 3% [?]


Enjoyed this article? Subscribe to Hacking Truths and get daily updates about new cool websites and programs in your email for free.

Pages: 1 2 3 4


8 Comments »

  • List of all the SQL Injection Strings | Hacking Truths said:

    [...] go into detail on why these string work as all these details have been given in my previous article Top 10 Tricks to exploit SQL Server Systems [...]

    # 3 October 2008 at 11:15 pm
  • Top 15 SQL Injection Scanners | Hacking Truths said:

    [...] are not aware of SQL Injection Attack and How it works you need to read my previous article “Top 10 Tricks to exploit SQL Server Systems” [...]

    # 3 October 2008 at 11:17 pm
  • TAHIR KHAN AFRIDI said:

    Sir how can i Hack New VP-ASP Shopping Cart 6.0 or VP-ASP Shopping Cart 6.5 give me Tricks plz sir, i can hack shopping cart 4.0 and 5.0

    # 18 October 2008 at 12:41 am
  • melon said:

    sir how can l hack MTN Network in Ghana to have access to code for sending free sms to National Lottor jackpot pls.

    # 5 February 2009 at 2:41 pm
  • Top 15 SQL Injection Scanners « Ethical Hacking said:

    [...] you are not aware of SQL Injection Attack and How it works you need to read my previous article “Top 10 Tricks to exploit SQL Server Systems” [...]

    # 17 December 2009 at 7:28 am
  • List of all the SQL Injection Strings « Ethical Hacking said:

    [...] go into detail on why these string work as all these details have been given in my previous article Top 10 Tricks to exploit SQL Server Systems [...]

    # 17 December 2009 at 7:29 am
  • alienuv said:

    sir how can i hack joomla

    # 11 January 2010 at 8:00 am
  • suicidal said:

    sir im new here i just want to hack tantra-extreme.com so i will be a100 its a game

    # 21 June 2010 at 8:52 pm

Note : If you have any Query related to the above Article please Post it to the Support Forum.

Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.