"Never let school get in the way of learning."
-- Mark Twain
This tool has been released as a simple proof of concept. This
proof of concept is a glimpse at some of the more advanced Graphical
tools we are preparing and packaging for the future. This tool
along with many others will help assist with both internal and external
penetration tests.
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$'`$$$$$$$$$$$$$'`$$$ MSSQL OWNAGE
$$$$$$ $$$$$$$$$$$ $$$$
$$$$$$$ '$/ `/ `$' .$$$$ Created By: Bigeazer
$$$$$$$$. i i /! .$$$$$
$$$$$$$$$.--'--' $$$$$$ bigeazer@blacksecurity.org
$$^^$$$$$' J$$$$$$
$$$ ~"" `. .$$$$$$$ IF THERE IS A WILL THERE IS
$$$$$e, ; .$$$$$$$$ A WAY
$$$$$$$$$$$.' $$$$$$$$$
$$$$$$$$$$$$. $$$$$$$$
$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
This was written so I can automate some portions of pentesting.
Now don't get me wrong this is not a ./autohack and done tool. It
will find the sql servers that have a default sa password and will try
and bruteforce the sa password if it isn't set on default.
You will need to get your own dic file. The one
from crack works real well. Also.. it is pretty easy to
use. It scans a subnet in about 3 seconds, but at times you need
to reset the default timeout to make sure you don't miss
anything. This isn't multi threaded in anyway.. but the next release will be.
Future improvements:
Multithreaded
Auto Added default user
Auto get sam
EXAMPLE:
bash$ python multimssqlcli.py 172.26.51.0/24
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$'`$$$$$$$$$$$$$'`$$$ MSSQL OWNAGE
$$$$$$ $$$$$$$$$$$ $$$$
$$$$$$$ '$/ `/ `$' .$$$$ Created By: Bigeazer
$$$$$$$$. i i /! .$$$$$
$$$$$$$$$.--'--' $$$$$$
$$^^$$$$$' J$$$$$$
$$$ ~"" `. .$$$$$$$ IF THERE IS A WILL THERE IS
$$$$$e, ; .$$$$$$$$ A WAY
$$$$$$$$$$$.' $$$$$$$$$
$$$$$$$$$$$$. $$$$$$$$
$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
------------------------------------------------------
Checking for default sql servers and SA pass
------------------------------------------------------
172.26.51.104 - Connected Default SA Password
------------------------------------------------------
Checking for IPs that need to be bruteforced
------------------------------------------------------
1 ips to bruteforce
Checking 869234 passwords
Currently checking 172.26.51.173
172.26.51.173 - Found Password: 0mgMyPassw0rd
Download Now!