What is this for? -l0rt- http://www.snosoft.com --------------------------------------------------------------------- That file you've been guarding, isn't. --------------------------------------------------------------------- On Wed, 3 Apr 2002 nicobat_private wrote: > Hi ! > > I'm actually collecting the differents strings send by MS-SQL servers during the authentification phase. > I want to collect as much banners as possible, for differents versions (6.5, 7.0, 2K, ...) and languages (french, spanish, > english, japanese, ...). > > If you want to help me, you just have to download a Perl script [1] from my website and then run it against your MS-SQL > server. > > Usage : mssql-banner.pl adresse_IP user password > (code ripped from Roelof Temmingh's senseql.pl) > > The (edited) output from one of my test machine is : > > 8<----------------------[snip]---------------------------------------------- > > D:\>perl mssql-banner.pl 192.168.1.38 sa "wrong_passwd" > > Testing : .... Login failed for user 'sa' ..... > > D:\>perl mssql-banner.pl 192.168.1.38 sa "good_passwd" > > Testing : ... Changed database context to 'master'..... > > 8<---------------------[/snip]---------------------------------------------- > > The best way to send me easily exploitable results is : > - test with an invalid user/passwd combo, redirecting the output to a file > - test with an valid user/passwd combo, redirecting the output to the same file > - rename the file to $version-$language.txt and send me the file, *without* editing it > > Exotic languages/versions velcome ! > > Note : a Win32 Perl2EXE'd version is available at [2] > > [1] : http://nicob.net/mssql-banner.pl > [2] : http://nicob.net/mssql-banner.exe > > Thanks in advance, > > Nicob > >
This archive was generated by hypermail 2b30 : Thu Apr 04 2002 - 09:06:16 PST