|
|
||||||||||||||||||
|
Full Version: Best Sql Password Tester
hi all, sorry for my english, i'm french
i would like to know what's the best program to test a txt file whive sql ips that are scanned whive sfind on port 1433 i know that some peaple would say xscan, this program test sql password from a file but i would like to know if an other program does it too because xscan as command line it's not the best and it's not very quick (speed) are there other normal programs as hscan or other or command lines that can test sql ips that are scan whive sfind ??? thanks a lot 
this one sqllhf:
SQLck.exe is also a very good program to use... i use it myself..
yuu can use external txt files with usernames / passwords
SQLck.exe is not that good, and becareful it has a hidden backdoor in it. Also, I think sqllhf is a much better tester
ok then i think i have to try that program sometime...
but sqlck does the job for now .. when i have the time i'm gonna check out the sqlhf thingy
u can also writ a small bat for scansql to check a list because i dont like the way sqllhf first ping all hosts and only then checks them for mssql and weak pass
I still use xscan for that.
if you want a specific server use forcesql to really brute force the pw
greetz
The best sql password checker is sqllhf in my opinion. I use xscan 3.0 also, but this one is a lot slower then sqllhf.
I also use a combination of scan1000.exe and xray.
I had a lot results with this way to scan. (Sorry, my english ist not that good, I'm one of these German's  )BacKZoiD
eeemm, where can i get a good pw-list? there were posted a lot of lists here, but i don't want a 4 mb list. i'm searching a small one with good passwords...
thx
Just create your own. If you want a minimum-PWD-List do it like this: Username: sa admin Admin administrator Administrator 1 12 123 1234 12345 123456 Sa sql pass Pass password password pwd PWD Pwd and as the password-List the same, I find fast results with this method. But its stupid to use a small list, cause you overscan some results. And this is damn ugly  BacKZoiD
I use a port scanner to find sql host and then Xscan with user and pass dic a little more bigger that the two ones that comes by default
well kinda stupid your list isn't it? you knew that mssql isn't case sensitive? it wont make a difference if you enter Pass, PAss, pAsS. so take your list remove the dubes how many passes are left .. 5? ^^
Another tool you may want to consider to test SQL passwords is by NGSS.
SQL Crack by NGSS or you can read about it via the brochure you'll need Adobe to view the brochure as it is in pdf format.
note ngss sqlcrack is not to scan for passes. its to audit the strange of your passwords. it gets the hashes from the mssql server and compairs them with a dictonary or by bruteforcing.
you already need a system admin account to the mssql server to make this work. its pretty fast too. when someone reads the pdf, they tell that you would need to guess the upper-lowercase variant of the actual password, also I had never understood why you would need that or how you would do that since mssql password input is not casesensitive (microsoft again proofed how stupid they are..)
for scanning only one sql server i use forcesql .. this tool is for bruteforce with given charset and given password length
heres link forcesql.zip
ForceSQL v2.0 Passwords are one of the main sources of insecurity in any setup. Especially for a critical database. This utility tries to guess the password of an MS SQL Server user. The features of v2.0 are: 1. Easy Command-Line Control 2. Dictionary Attack 3. Brute Force Attack 4. Much faster than v1.0 5. It allows you to choose a port other than 1433 This tool just needs the IP address or machine name of the SQL Server and the user ID that you wish to check. If you choose to brute force, enter the characters to search for in the 'charset.txt' file and the maximum password length at the command line (see Usage below). Also make sure to include the dictionary file ' words.txt ' in the same place as forceSQL.exe for the dictionary attack. Usage : 1. For the Dictionary Attack: forceSQL [IP] [UserID] -d 2. For the Brute Force Attack: forceSQL [IP] [UserID] -b [length] 3. In case the port is other than 1433, you can append it to the IP seperated by a comma. Like so: forceSQL [IP,port] [UserID] -b [length] Example: For a ten-character brute-force attack on an SQL Server running at 10.0.0.1 and port 5001: forceSQL 10.0.0.1,5001 -b 10 New Features: The tremendous increase in speed of v2.0 over v1.0 is because we are no longer using any SQL/ODBC API. We spent some time figuring out the packet structure of the authentication packet as it flows over the wire. We then replicated the packet and used that to carry out the authentication, thus bypassing everything else and going directly to the Network Layer. This greatly reduced the overhead of allocating and using the SQL Handles, and the SQL API. It now checks at more than 40 passwords per second depending on network connectivity. The second significant feature we have added is that of Brute Forcing. Works on: Windows NT/2000/98/95 Coded by: Nilesh Burghate Home Page: http://www.nii.co.in/research/tools.html
thx for this links :-)
i'm using xscan 3.0 to check for sql passwords since it has the option to insert your password list in sql_pass.dic
i think ForceSQL v2.0 is faster than xscan 3.0 and a better choice if you prefer it. i've seen a a proggie called sqlbf, to check for sql password but not sure how to get it to work. anyone care to explain sqlbf?
xscan typically. anything that i can load more passes on and most important is remote
all of the cmd line scanners can do remote too, and use the same pass list, you just need to set up on a server and just run the program, some of them are better than xscan
thx 4
ForceSQL v2.0 nice 
I use Sqlck
works fine for me ! you can brute for User and Pass, and it very fast !
scansql is the best.
You can use also
Xscan very nice scanner for ftp pub,sql,etc...
hahahahahaaha!
hey tnx guys 4 ForceSQL & SQLLHF...
was just looking 4 this kind of proggi. ForceSQL looks VERY promising ;P This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
|
||||||||||||||||||
