MSSQL (1433-2433)

Microsoft SQL Server.

Protocol Information

Microsoft SQL Server is a relational database management system developed by Microsoft.

Port

1433 TCP	MSSQL
2433 TCP	MSSQL

Interact

You can check if it is possible to log in with user “root” and password “”.

Tools	Details
impacket-mssqlclient	mssqlclient.py [<DOMAIN>/]<USER>@<IP> -windows-auth
sqsh	From Windows (After queries type GO on new line) sqsh -S <IP> -U <USER> -P <PASSWORD>
sqlcmd	From Windows (After queries type GO on new line) sqlcmd -S <IP> -U <USER> -P <PASSWORD>
PowerUpSQL	From Windows (Cheat-Sheet) Import-Module .\PowerUpSQL.ps1 Get-SQLInstanceDomain Get-SQLQuery -Verbose -Instance "<IP>,<PORT>" -username "<DOMAIN>\<USER>" -password "<PASS>" -query 'Select @@version'

Or Connect with dbeaver.

> select name from sys.databases
> use <DB_NAME>
> SELECT * FROM information_schema.tables;
> SELECT * from <TABLE>;
> SELECT * FROM sys.objects;   # sysusers 

Attacks

• SQLi and more with MSSQL