Re: [Plugins-writers] mssql_blank_password.nasl and mssql_brute_force.nasl

From: Dennis Jackson (Dennis.Jackson@private)
Date: Thu Feb 26 2004 - 13:46:34 PST

  • Next message: Audun Larsen: "[Plugins-writers] RobotFTP"

    At 1:37 +0000 26/2/2004, H D Moore wrote:
    > I consider these two separate vulnerabilities. The reason is that blank 
    > passwords are normally the result of a default configuration or insecure 
    > application install (many apps bundle a wide-open MSDE service), where a 
    > common or weak account password is a admin/developer training issue. 
    
    I would have thought the vulnerability is the same - an 
    easily guessable password.
    
    However, the reason for the vulnerability may be the 
    result of different actions.
    
    Although the name of the script is mssql_brute_force.nasl 
    it only check 11 different combinations of username and 
    password. It isn't really a brute force attempt at guessing 
    the password. 
    
    
    > Maybe move the login routines into a mssql_funcs.inc and have each plugin 
    > include it? Combining them into one plugin would work, provided the 
    > report differentiates between blank and weak passwords.
    
    mssql_brute_force.nasl already reports the username and 
    password. The only addition would be an explanation that 
    a blank password is likely to be the result of a default 
    install.
    
    
    > On Wednesday 25 February 2004 18:14, Dennis Jackson wrote:
    > > Should the two scripts mssql_blank_password.nasl and
    > > mssql_brute_force.nasl be merged into one?
    > >
    > > The first script simply tests for the combination of
    > > username "sa" password "". While the second scripts tests
    > > for eleven different combinations of username and
    > > password. It would be trivial to add "sa" / "" into the
    > > list in mssql_brute_force.nasl
    > >
    > > As a further change, some of the description in
    > > mssql_blank_password.nasl should be added into the report
    > > produced by mssql_brute_force.nasl
    > >
    > >
    > > Dennis.
    
    
    _______________________________________________
    Plugins-writers mailing list
    Plugins-writers@private
    http://mail.nessus.org/mailman/listinfo/plugins-writers
    



    This archive was generated by hypermail 2b30 : Thu Feb 26 2004 - 13:48:15 PST