PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-14 19:59:02 +00:00
Code Issues Projects Releases Wiki Activity

Added ms-sql-brute.brute-windows-accounts to script documentation. Adjusted existing documentation to improve rendered result on NSEDOC web page.

Browse Source
This commit is contained in:
tomsellers
2011-09-11 14:14:08 +00:00
parent 22a029c21b
commit 03e49171dd
1 changed files with 9 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
scripts/ms-sql-brute.nse
View File

@@ -3,16 +3,13 @@
description = [[ description = [[
Performs password guessing against Microsoft SQL Server (ms-sql). Works best in Performs password guessing against Microsoft SQL Server (ms-sql). Works best in
conjunction with the <code>ms-sql-discover</code> script. conjunction with the <code>broadcast-ms-sql-discover</code> script.
SQL Server credentials required: No (will not benefit from <code>mssql.username</code> & <code>mssql.password</code>).
SQL Server credentials required: No (will not benefit from
<code>mssql.username</code> & <code>mssql.password</code>).
Run criteria: Run criteria:
* Host script: Will run if the <code>mssql.instance-all</code>, <code>mssql.instance-name</code> * Host script: Will run if the <code>mssql.instance-all</code>, <code>mssql.instance-name</code> or <code>mssql.instance-port</code> script arguments are used (see mssql.lua).
or <code>mssql.instance-port</code> script arguments are used (see mssql.lua). * Port script: Will run against any services identified as SQL Servers, but only if the <code>mssql.instance-all</code>, <code>mssql.instance-name</code> and <code>mssql.instance-port</code> script arguments are NOT used.
* Port script: Will run against any services identified as SQL Servers, but only
if the <code>mssql.instance-all</code>, <code>mssql.instance-name</code>
and <code>mssql.instance-port</code> script arguments are NOT used.
WARNING: SQL Server 2005 and later versions include support for account lockout WARNING: SQL Server 2005 and later versions include support for account lockout
policies (which are enforced on a per-user basis). If an account is locked out, policies (which are enforced on a per-user basis). If an account is locked out,
@@ -55,6 +52,10 @@ be disabled using the <code>mssql.scanned-ports-only</code> script argument.
-- even after a user has been locked out. This may result in many SQL -- even after a user has been locked out. This may result in many SQL
-- Server logins being locked out! -- Server logins being locked out!
-- --
-- @args ms-sql-brute.brute-windows-accounts Enable targeting Windows accounts
-- as part of the brute force attack. This should be used in conjunction
-- with the mssql library's mssql.domain argument.
--
-- Created 01/17/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net> -- Created 01/17/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>
-- Revised 02/01/2011 - v0.2 (Chris Woodbury) -- Revised 02/01/2011 - v0.2 (Chris Woodbury)