EvilZone

Other => Found it on the Webs => : Axon June 11, 2014, 10:23:33 PM

: Locate and Attack Domain SQL Servers without Scanning
: Axon June 11, 2014, 10:23:33 PM

In short, the author uses a PowerShell script that uses Service Principal Name (SPN) records from Active Directory to identify and attack SQL Servers on Windows domains without having to perform discovery scanning.
https://www.netspi.com/blog/entryid/228/locate-and-attack-domain-sql-servers-without-scanning

: Re: Locate and Attack Domain SQL Servers without Scanning
: Nero June 12, 2014, 03:18:49 AM

Lol if I'm understand what you are saying correctly, you could use a Google dork to list some vulnerable SQL files.

But I get what you mean. I'll try it later.

: Re: Locate and Attack Domain SQL Servers without Scanning
: luverose June 12, 2014, 03:48:51 AM

I'm not get it

: Re: Locate and Attack Domain SQL Servers without Scanning
: kenjoe41 June 25, 2014, 11:43:43 AM

Fools, he didn't mean a crooked vulnerable sql database-files. The very intent of this is to dodge this and go straight for the domain server, can't be a better choice sometimes since some admins sluck at updating anything except the web server.

It isn't meant to be understood by the faint of heart, learn some assembly, parser some domain charset binaries then hook in an sql server command. tadar;;;

^don't understand that either.