Video: MS SQL Preauth Attack, Pwdump and John the Ripper

Active Image
Active Image del.icio.us

Discuss in Forums {mos_smf_discuss:Gates}

Follow along as we perform the following hack: 

  • Exploit of the MSSQL 2000 Hello Buffer Overflow using the C port of the MSF module mssql2000_preauthentication.pm (thanks MC!)
  • Add a user to the local administrators group
  • Use pwdump3e to connect to the host with our administrative level credentials
  • Dump the SAM hashes
  • Crack them using John the Ripper

Enjoy and keep an eye out for future videos. Feel free to post comments and suggestions for future videos.

Thanks,
Chris Gates

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?