Indeed. Running strings against sqldict.exe produces: <snip> BitBlt CreateCompatibleDC CreateDIBitmap Login failed squelda 1.0 Sorry, couldn't find the password for user "%s". Trying user "%s" with password "%s"... Error: The file read failed! Terminated on request. Error: That dictionary file doesn't exist! The user "%s" has the password "%s". The user "%s" has blank password! The server could not be reached. No password file selected. Missing target account. <snip> Thanks.. On Mon, Dec 02, 2002 at 08:53:24AM -0500, Joe Stewart wrote: > On Friday 29 November 2002 12:35 am, John Sage wrote: > > Seen this exact tool once before, back in August, reference: > > > > http://cert.uni-stuttgart.de/archive/intrusions/2002/08/msg00200.html > > The brute-force MSSQL attacks in this probe with the "squelda" reference > were generated by sqldict: http://ntsecurity.nu/toolbox/sqldict/ > > -Joe > > -- > Joe Stewart <jstewartat_private> > Senior Information Security Analyst > ----------------------------------------- > "24x7 Enterprise Security Monitoring" > LURHQ Corporation http://www.lurhq.com/ - John -- NEWS FLASH: Lowest common denominator continues to plummet PGP key: http://www.finchhaven.com/pages/gpg_pubkey.html Fingerprint: C493 9F26 05A9 6497 9800 4EF6 5FC8 F23D 35A4 F705 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Dec 03 2002 - 23:01:33 PST