Sign In
Register
Help
Hello guys,
I'm in a network security class right now... I want to use the exploit that hit SQL so hard on port 1434. The UDP exploit, I'm sure you guys know what I'm talking about. Anyway, I had always thought that this was in all SQL 2000 Installations by default, but in all my test installations for this class, I have not been able to get port 1434 open and listening period. I know that the service that runs there is called SQL Server Manager, but I cannot figure out anyway to start it. Does anyone else know more about this?
Thanks! :)
Some Sql Exploit Help Please! Confusion about port 1434#7 Guest_SyN/AcK_*Posted 22 January 2004 - 01:34 PM
I've got the code, that's not the problem. The problem is that I can't figure out why port 1434 UDP isn't listening by default. This was supposed to attack a default SQL Installation, but a default SQL installation for me leaves only port 1433 open. SQL manager is what runs on 1434 if that helps anyone figure this out.
#9 Guest_SyN/AcK_*Posted 22 January 2004 - 07:24 PM unknown00, on Jan 23 2004, 01:09 AM, said: if ur thinkin about hackin and scanning for expliots its usually on p1433 which is ms-sql-s aka Microsoft-SQL-Server. p1434 is ms-sql-m aka Microsoft-SQL-Monitor I know this. There was a nice exploit that came out awhile ago. It made use of port 1434 UDP. It was a buffer overflow. The source code for the vulnerability is on this site. It was the same exploit that SQL Slammer used. What I need to know is why port 1434 is not running by default, which I believe it to be. #11 Guest_SyN/AcK_*Posted 23 January 2004 - 03:42 AM
Sigh... am I not phrasing my question right? I realize that it has a blank SA password, I don't care about that. I want to know why port 1434 isn't running by default when I believe it should be, and what I need to do to enable it. This is for a hacking class that I am a TA for. I know SQL has other vulnerabilities, I need to know this one.
#12
|
Our Sponsors: |
MultiQuote
Posted 23 January 2004 - 06:13 AM
