lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <02d301cab179$5b767710$12636530$@org>
Date: Fri, 19 Feb 2010 13:36:46 -0200
From: "Nelson Brito" <nbrito@...ure.org>
To: <bugtraq@...urityfocus.com>, <pen-test@...urityfocus.com>,
	<full-disclosure@...ts.grok.org.uk>, <dailydave@...ts.immunityinc.com>
Subject: [TOOL RELEASE] ENGR SQL FingerprintT [Version
	1.00.0006]

.:[ Software Description

This is a tool that performs version fingerprinting on Microsoft SQL Server
2000, 2005 and 2008, using well known techniques based on several public
tools that identifies the SQL Version. The strength of this tool is that it
uses probabilistic algorithm to identify the version of the Microsoft SQL
Server.

The "ENGR SQL FingerprintT" (f.k.a. Microsoft SQL Server Fingerprint Tool)
can also be used to identify vulnerable versions of Microsoft SQL Server -
it is based on some techniques used by Exploit Next GenerationR (ENGv5) to
perform automated penetration test.

This tool can also be used/applied to identify vulnerable/patched version of
the Microsoft SQL Server.

.:[ Software Release Life Cycle

The initial public release is the version 1.00.0006, and the next version
will be 1.01.0007 following the stages:

	1. March 29th, 2010: Community Technology Preview (CTP)
	2. April 29th, 2010: Release Candidate (RC)
	3. May 10th, 2010: Release to Marketing (RTM)
	4. May 31st, 2010: General Availability (GA)

.:[ ENGR SQL FingerprintT Version 1.00.0006

The ENGR SQL FingerprintT can be found at:

	1. Google Code [http://code.google.com/p/mssqlfp/]
	2. Sourceforge [http://sourceforge.net/projects/mssqlfp/]

"Help me to develop this tool... To help me, please, download the Version
1.00.0006, and let me know your thoughts."

This tool is brought to you by Nelson Brito <nbrito[at]sekure.org], Sekure
SDI's member since 1999. Visit my Security Blog:
	- FLDPI/FNSTENV/POP/ADD (Brazilian Portuguese language, but I am
using Google Translator to help you):
	  http://fnstenv.blogspot.com/

PS: I would like to thank everyone that POST something about this tool.
Thank you, very much:
	- WebSegura.net:
	
http://www.websegura.net/2009/12/mssqlfp-microsoft-sql-server-fingerprint-to
ol/
	- Darknet.org.uk:
	
http://www.darknet.org.uk/2010/01/microsoft-sql-server-fingerprint-tool-beta
4/
	- Security-shell (@d3v1l):
	
http://security-sh3ll.blogspot.com/2010/01/mssqlfp-microsoft-sql-server_22.h
tml
	- Security Database:
	
http://www.security-database.com/toolswatch/mssqlfp-Microsoft-SQL-Server.htm
l
	- NetCop:
	
http://netcopsecurity.com/index.php?/topic/915-microsoft-sql-server-fingerpr
int-tool-%E2%80%93-beta4/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ