[<prev] [next>] [day] [month] [year] [list]
Message-ID: <02d301cab179$5b767710$12636530$@org>
Date: Fri, 19 Feb 2010 13:36:46 -0200
From: "Nelson Brito" <nbrito@...ure.org>
To: <bugtraq@...urityfocus.com>, <pen-test@...urityfocus.com>,
<full-disclosure@...ts.grok.org.uk>, <dailydave@...ts.immunityinc.com>
Subject: [TOOL RELEASE] ENGR SQL FingerprintT [Version
1.00.0006]
.:[ Software Description
This is a tool that performs version fingerprinting on Microsoft SQL Server
2000, 2005 and 2008, using well known techniques based on several public
tools that identifies the SQL Version. The strength of this tool is that it
uses probabilistic algorithm to identify the version of the Microsoft SQL
Server.
The "ENGR SQL FingerprintT" (f.k.a. Microsoft SQL Server Fingerprint Tool)
can also be used to identify vulnerable versions of Microsoft SQL Server -
it is based on some techniques used by Exploit Next GenerationR (ENGv5) to
perform automated penetration test.
This tool can also be used/applied to identify vulnerable/patched version of
the Microsoft SQL Server.
.:[ Software Release Life Cycle
The initial public release is the version 1.00.0006, and the next version
will be 1.01.0007 following the stages:
1. March 29th, 2010: Community Technology Preview (CTP)
2. April 29th, 2010: Release Candidate (RC)
3. May 10th, 2010: Release to Marketing (RTM)
4. May 31st, 2010: General Availability (GA)
.:[ ENGR SQL FingerprintT Version 1.00.0006
The ENGR SQL FingerprintT can be found at:
1. Google Code [http://code.google.com/p/mssqlfp/]
2. Sourceforge [http://sourceforge.net/projects/mssqlfp/]
"Help me to develop this tool... To help me, please, download the Version
1.00.0006, and let me know your thoughts."
This tool is brought to you by Nelson Brito <nbrito[at]sekure.org], Sekure
SDI's member since 1999. Visit my Security Blog:
- FLDPI/FNSTENV/POP/ADD (Brazilian Portuguese language, but I am
using Google Translator to help you):
http://fnstenv.blogspot.com/
PS: I would like to thank everyone that POST something about this tool.
Thank you, very much:
- WebSegura.net:
http://www.websegura.net/2009/12/mssqlfp-microsoft-sql-server-fingerprint-to
ol/
- Darknet.org.uk:
http://www.darknet.org.uk/2010/01/microsoft-sql-server-fingerprint-tool-beta
4/
- Security-shell (@d3v1l):
http://security-sh3ll.blogspot.com/2010/01/mssqlfp-microsoft-sql-server_22.h
tml
- Security Database:
http://www.security-database.com/toolswatch/mssqlfp-Microsoft-SQL-Server.htm
l
- NetCop:
http://netcopsecurity.com/index.php?/topic/915-microsoft-sql-server-fingerpr
int-tool-%E2%80%93-beta4/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists