1433 - Pentesting MSSQL

Hacktricks

Microsoft SQL (MSSQL) is Microsoft's SQL-based relational database management system.

By default, the typical ports used by SQL Server and associated database engine services are TCP 1433, 4022, 135, 1434 and UDP 1434.

Impacket's mssqlclient.py

locate mssqlclient
# Nmap script engine
sudo nmap --script ms-sql-info,ms-sql-empty-password,ms-sql-xp-cmdshell,ms-sql-config,ms-sql-ntlm-info,ms-sql-tables,ms-sql-hasdbaccess,ms-sql-dac,ms-sql-dump-hashes --script-args mssql.instance-port=1433,mssql.username=sa,mssql.password=,mssql.instance-name=MSSQLSERVER -sV -p 1433 10.129.201.248
# MSSQL Ping in Metasploit
use auxiliary/scanner/mssql/mssql_ping
# Connecting with mssqlclient.py
python3 mssqlclient.py Administrator@10.129.201.248 -windows-auth
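
UDP 1434 in the port list above is the SQL Server Browser service, which the MSSQL ping check queries. The following is an added example, not part of the original page or of any tool named on it: an offline parser for a Browser reply that lists what the service discloses before any login, which is the case for blocking UDP 1434 at the perimeter or disabling the service where fixed ports are used. The host name, instance names, version and pipe path in the sample are constructed, and the layout assumed is the SVR_RESP message from Microsoft's MC-SQLR specification.

```python
import struct

# Constructed sample of a SQL Server Browser reply (not captured from a real host).
_DATA = (
    b"ServerName;DB01;InstanceName;MSSQLSERVER;IsClustered;No;"
    b"Version;15.0.2000.5;tcp;1433;;"
    b"ServerName;DB01;InstanceName;REPORTING;IsClustered;No;"
    b"Version;15.0.2000.5;tcp;49721;np;\\\\DB01\\pipe\\MSSQL$REPORTING\\sql\\query;;"
)
SAMPLE_REPLY = b"\x05" + struct.pack("<H", len(_DATA)) + _DATA


def parse_browser_reply(packet: bytes) -> list[dict[str, str]]:
    """Parse SVR_RESP: 0x05, uint16 little-endian length, then ';'-separated text."""
    if len(packet) < 3 or packet[0] != 0x05:
        raise ValueError("not an SVR_RESP message")
    (size,) = struct.unpack_from("<H", packet, 1)
    body = packet[3:3 + size]
    if len(body) != size:
        raise ValueError("truncated reply")
    instances = []
    # Each instance record ends with ';;'; inside a record the fields alternate key;value.
    for record in body.decode("ascii", errors="replace").split(";;"):
        fields = record.split(";")
        if len(fields) < 2:
            continue  # empty tail after the final ';;'
        instances.append(dict(zip(fields[0::2], fields[1::2])))
    return instances


def exposure_findings(instances: list[dict[str, str]], default_port: str = "1433") -> list[str]:
    """List what each instance record reveals to an unauthenticated client."""
    findings = []
    for inst in instances:
        name = inst.get("InstanceName", "?")
        findings.append(f"{name}: version {inst.get('Version', '?')} disclosed without authentication")
        port = inst.get("tcp")
        if port and port != default_port:
            findings.append(f"{name}: non-default TCP port {port} revealed")
        if "np" in inst:
            findings.append(f"{name}: named pipe path revealed")
    return findings


if __name__ == "__main__":
    for line in exposure_findings(parse_browser_reply(SAMPLE_REPLY)):
        print(line)
```

Moving an instance to a non-default port hides nothing while the Browser service still answers, as the second record in the sample shows.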
