SQL Fingerprint Xmas Released | Learn How To Hack - Ethical Hacking and security tips

Subscribe & Don,t Miss A Free Hacking Course| Receive Daily Updates

Enter your email address:

SQL Fingerprint Xmas Released



Microsoft SQL Server fingerprinting can be a time consuming process, because it involves trial and error methods to determine the exact version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for certain server are two of the many ways to possibly determine the version, but most of them require authentication, permissions and/or privileges on Microsoft SQL Server to succeed.

Instead, ESF.pl uses a combination of crafted packets for SQL Server Resolution Protocol (SSRP) and Tabular Data Stream Protocol (TDS) (protocols natively used by Microsoft SQL Server) to accurately perform version fingerprinting and determine the exact Microsoft SQL Server version. ESF.pl also applies a sophisticated Scoring Algorithm Mechanism (Powered by Exploit Next Generation++ Technology), which is a much more reliable technique to determine the Microsoft SQL Server version. It is a tool intended to be used by:



This version is a completely rewritten version in Perl, making ESF.pl much more
 portable than the previous binary version (Win32), and its original purpose is 
to be used as a tool to perform automated penetration test. This version 
also includes the followingMicrosoft SQL Server versions to its fingerprint 
database:
        • Microsoft SQL Server 2012 SP1 (CU1)
        • Microsoft SQL Server 2012 SP1
        • Microsoft SQL Server 2012 SP1 CTP4
        • Microsoft SQL Server 2012 SP1 CTP3
        • Microsoft SQL Server 2012 SP0 (CU4)
        • Microsoft SQL Server 2012 SP0 (MS12-070)
        • Microsoft SQL Server 2012 SP0 (CU3)
        • Microsoft SQL Server 2012 SP0 (CU2)
        • Microsoft SQL Server 2012 SP0 (CU1)
        • Microsoft SQL Server 2012 SP0 (MS12-070)
        • Microsoft SQL Server 2012 SP0 (KB2685308)
        • Microsoft SQL Server 2012 RTM


Download: http://code.google.com

Source: http://code.google.com/p/sql-fingerprint-next-generation




Share your views...

0 Respones to "SQL Fingerprint Xmas Released"

Post a Comment

 

© 2011 Learn How To Hack - Ethical Hacking and security tips All Rights Reserved Learn Hacking Online hackguide4u.com