Skorpinok Rover Posted June 13, 2012

Hello,

I have Backtrack 5R2 & a Windows XP SP2 machine with Microsoft's SQL Server 2005 Express installed in VirtualBox. When I try brute forcing MS SQL Server I get a connection refused error. I tried many times to gain access but it fails. The firewall & AV are off. Please suggest how I can solve this.

Many thanks in advance.

Regards.

msf auxiliary(mssql_ping) > use scanner/mssql/mssql_login
msf auxiliary(mssql_login) > show options
msf auxiliary(mssql_login) > set PASS_FILE /pentest/exploits/fasttrack/bin/dict/wordlist.txt
PASS_FILE => /pentest/exploits/fasttrack/bin/dict/wordlist.txt
msf auxiliary(mssql_login) > set RHOSTS 192.168.56.102
RHOSTS => 192.168.56.102
msf auxiliary(mssql_login) > set THREADS 10
THREADS => 10
msf auxiliary(mssql_login) > set verbose false
verbose => false
msf auxiliary(mssql_login) > exploit

[*] 192.168.56.102:1433 - MSSQL - Starting authentication scanner.
[-] 192.168.56.102:1433 MSSQL - [00001/57048] - Bruteforce cancelled against this service. Enable verbose output for service-specific details.
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

msf auxiliary(mssql_login) > set RHOSTS 192.168.56.102
RHOSTS => 192.168.56.102
msf auxiliary(mssql_login) > set THREADS 10
THREADS => 10
msf auxiliary(mssql_login) > set verbose true
verbose => true
msf auxiliary(mssql_login) > exploit

[*] 192.168.56.102:1433 - MSSQL - Starting authentication scanner.
[*] 192.168.56.102:1433 MSSQL - [00001/57048] - Trying username:'sa' with password:''
[-] 192.168.56.102:1433 MSSQL - [00001/57048] - connection failed
[-] 192.168.56.102:1433 MSSQL - [00001/57048] - Bruteforce cancelled against this service.
[*] Scanned 1 of 1 hosts (100% complete)

--------------------------------------------------------------------------------

nmap -sT -A -P0 192.168.56.102

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-06-13 18:23 GST
Nmap scan report for 192.168.56.102
Host is up (0.00056s latency).
Not shown: 995 closed ports
PORT      STATE SERVICE       VERSION
135/tcp   open  msrpc         Microsoft Windows RPC
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds  Microsoft Windows XP microsoft-ds
3389/tcp  open  microsoft-rdp Microsoft Terminal Service
31337/tcp open  Elite?

Host script results:
|_nbstat: NetBIOS name: NAVYA, NetBIOS user: <unknown>, NetBIOS MAC: 08:00:27:ef:19:f6 (Cadmus Computer Systems)
|_smbv2-enabled: Server doesn't support SMBv2 protocol
| smb-security-mode:
|   Account that was used for smb scripts: guest
|   User-level authentication
|   SMB Security: Challenge/response passwords supported
|_  Message signing disabled (dangerous, but default)
| smb-os-discovery:
|   OS: Windows XP (Windows 2000 LAN Manager)
|   Computer name: navya
|   NetBIOS computer name: NAVYA
|   Workgroup: WORKGROUP
|_  System time: 2012-06-13 18:25:50 UTC-7
| ms-sql-info:
|   Windows server name: NAVYA
|   [192.168.56.102\SQLEXPRESS]
|     Instance name: SQLEXPRESS
|     Version: Microsoft SQL Server 2005 RTM
|     Product: Microsoft SQL Server 2005
|     Service pack level: RTM
|     TCP port: 1433
|_    Clustered: No

TRACEROUTE
HOP RTT     ADDRESS
1   0.56 ms 192.168.56.102

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 128.57 seconds

root@bt:~# nmap -sU 192.168.56.102 -p1434

Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-06-13 18:26 GST
Nmap scan report for 192.168.56.102
Host is up (0.0017s latency).
PORT     STATE         SERVICE
1434/udp open|filtered ms-sql-m
MAC Address: 08:00:27:EF:19:F6 (Cadmus Computer Systems)