SQL injection – MS SQLExpress



1. To access SQLExpress

C:\Documents and Settings\11>osql -E -S .\SQLEXPRESS

2. To configure xp_cmdShell on SQLExpress

1> sp_configure 'xp_cmdShell', 1 -- Enable xp_cmdShell
2> GO

3. If you see the error below

Msg 15123, Level 16, State 1, Server test\SQLEXPRESS, Procedure sp_configure, Line 51
The configuration option 'xp_cmdShell' does not exist, or it may be an advanced option.

4. Fix for this error

1> EXEC sp_configure 'show advanced options', 1;
2> GO

Configuration option 'show advanced options' changed from 0 to 1. Run the RECONFIGURE statement to install.

1> RECONFIGURE;
2> GO

1> EXEC sp_configure 'xp_cmdshell', 1
2> GO

Configuration option 'xp_cmdshell' changed from 0 to 1. Run the RECONFIGURE statement to install.

1> RECONFIGURE
2> GO
1>

————————————————————

1. Changes made to SQLEXPRESS for lab work.

WinXP with Microsoft SQL Server 2005 RTM

Regedit

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQLServer\
DWORD – LoginMode: right-click, Modify, Value data = 2 (mixed mode: SQL Server and Windows Authentication)

C:\Documents and Settings\test>osql -E -S .\SQLEXPRESS
1> ALTER LOGIN sa enable;
2> go
1> ALTER LOGIN sa WITH PASSWORD=''
2> go
Msg 15118, Level 16, State 1, Server TP-A123456789BCD\SQLEXPRESS, Line 1
Password validation failed. The password does not meet Windows policy
requirements because it is not complex enough.
1> ALTER LOGIN sa WITH PASSWORD='', CHECK_POLICY=OFF
2> go
1>

————————————————————

2. Testing the account works

C:\Documents and Settings\test>osql -S .\SQLEXPRESS -U sa (press enter)
Password: (press enter)
1>
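
An added example, not part of the original post: a T-SQL batch that audits the settings changed in the lab steps above and then reverts them once testing is finished. The replacement password is a placeholder, and the batch assumes a sysadmin session opened with osql -E -S .\SQLEXPRESS.

```sql
-- Added example: audit, then roll back, the lab changes made above.

-- 1. Audit. On a hardened instance both rows show value_in_use = 0.
SELECT name, CAST(value_in_use AS int) AS value_in_use
FROM sys.configurations
WHERE name IN ('show advanced options', 'xp_cmdshell');

-- sa should be disabled (is_disabled = 1) with policy checks on
-- (is_policy_checked = 1).
SELECT name, is_disabled, is_policy_checked
FROM sys.sql_logins
WHERE name = 'sa';

-- 1 = Windows Authentication only, 0 = mixed mode (LoginMode = 2).
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;
GO

-- 2. Revert. xp_cmdshell is turned off first, while the advanced
--    options are still visible, then the advanced options are hidden.
EXEC sp_configure 'xp_cmdshell', 0;
RECONFIGURE;
EXEC sp_configure 'show advanced options', 0;
RECONFIGURE;
GO

-- Replace the blank sa password and restore the Windows policy check.
-- '<long-random-password>' is a placeholder, not a value from the post.
ALTER LOGIN sa WITH PASSWORD = '<long-random-password>', CHECK_POLICY = ON;
ALTER LOGIN sa DISABLE;
GO

-- 3. Mixed mode is a registry setting: set LoginMode back to 1
--    (Windows Authentication only) under the same key edited above,
--    then restart the SQL Server service for it to take effect.
```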
