MSSQL (1433-2433)

Microsoft SQL Server.

Protocol Information

Microsoft SQL Server is a relational database management system developed by Microsoft.

Port

1433 TCP

MSSQL

2433 TCP

MSSQL

Interact

You can check if it is possible to log in with user “root” and password “”.

Tools

Details

impacket-mssqlclient

mssqlclient.py [<DOMAIN>/]<USER>@<IP> -windows-auth

sqsh

From Windows (After queries type GO on new line) sqsh -S <IP> -U <USER> -P <PASSWORD>

sqlcmd

From Windows (After queries type GO on new line) sqlcmd -S <IP> -U <USER> -P <PASSWORD>

PowerUpSQL

From Windows (Cheat-Sheet) Import-Module .\PowerUpSQL.ps1 Get-SQLInstanceDomain Get-SQLQuery -Verbose -Instance "<IP>,<PORT>" -username "<DOMAIN>\<USER>" -password "<PASS>" -query 'Select @@version'

Or Connect with dbeaver.

> select name from sys.databases
> use <DB_NAME>
> SELECT * FROM information_schema.tables;
> SELECT * from <TABLE>;

Attacks

SQLi and more with MSSQL

Last updated 7 months ago

Was this helpful?