Devil
Jan 29 2004, 10:04 AM
tried to remote scan with scansql......it worked....but my problem is that no log.txt came out!!
anybody got a idea why not??
range was ok....sql.dic was up on the stro to....so i just donīt know why i dont get no results!!
thx
Devil
ellitio
Jan 29 2004, 10:29 AM
refresh some time with you'r ftp client
hit F5
Cyrus
Jan 29 2004, 05:52 PM
| QUOTE |
sql.dic was up on the stro |
Maybe thats your mistake, the file is sqlpass.dic not sql.dic
x1`
Jan 29 2004, 07:12 PM
id like to know how u make scansql scan a ip list file instead of typing a range or is it not possible?
studnikov
Jan 29 2004, 07:38 PM
to scan for sql ... i would use scan 100/500/1000 to scan for port 1433. Then take those results load them into x-scan. Then remotly scan with x-scan to get your results needed to colplete your task. Thats if scansql just wont work for ya.
Devil
Jan 30 2004, 11:58 AM
ok....but how can i remote scan with xscan.....using the list of open ports??
i know how to remote scan normally but not adding a list to it....can u help me out on that one please?
thx
Devil
Thom
Jan 30 2004, 12:44 PM
How do you know it worked if you didnt get a log?
nolimit
Jan 30 2004, 06:53 PM
Yea log.txt isn't made until you got a hit, prehaps their was none vuln.
Devil
Jan 31 2004, 09:14 AM
i know what ranges to scan to get hits.....thats why....
200 EXEC command successful (TID=33).
that somes to....so it should be working!!!
but again...how can i scan a logfile remote with xscan??
Reaper527
Jan 31 2004, 06:58 PM
| QUOTE (Devil @ Jan 31 2004, 09:14 AM) |
i know what ranges to scan to get hits.....thats why....
200 EXEC command successful (TID=33).
that somes to....so it should be working!!!
but again...how can i scan a logfile remote with xscan?? |
200 EXEC command successful (TID=33). just means that the server executed your command. you could do site exec hiderun.exe and it will say that. it executed hiderun, but does that mean it did anything? so what i'm saying is maybe you setup your scan command wrong and it instantly went to a screen saying your missing a file or something of that sort and thas why you didn't get results. its also possible that you just weren't lucky and it couldn't get any l/p's
hellraiza
Feb 3 2004, 05:23 PM
i cannot open topics , so i post it here :-)
does anybody know which scanner make such a log:
exploit: SQL EXPLOIT PW
port: 1433
string: SA / <pw>
???
barty32
Feb 8 2004, 08:41 PM
I think there are just no results
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.
