Brute forcing MS SQL passwords
System administrators and penetration testers often need to check for weak passwords as part of the organization's security policy. Nmap can help us to perform dictionary attacks against MS SQL servers.
This recipe shows how to perform brute force password auditing of MS SQL servers with Nmap.
How to do it...
To perform brute force password auditing against an MS SQL server, run the following Nmap command:
$ nmap -p1433 --script ms-sql-brute <target>
If any valid accounts are found, they will be included in the script output section:
PORT STATE SERVICE 1433/tcp open ms-sql-s | ms-sql-brute: | [192.168.1.102:1433] | Credentials found: |_ sa:karate
How it works...
MS SQL servers usually run on TCP port 1433
. The -p1433 --script ms-sql-brute
argument initiate the NSE script ms-sql-brute
if a MS SQL server is found running on port 1433
.
The ms-sql-brute
script was written by Patrik Karlsson. It performs brute force password...