lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <000901cb6704$9b677590$d23660b0$@org>
Date: Fri, 8 Oct 2010 13:19:35 -0300
From: "Nelson Brito" <nbrito@...ure.org>
To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.grok.org.uk>,
	<dailydave@...ts.immunityinc.com>
Subject: [TOOL RELEASE] Exploit Next Generation SQL
	Fingerprint v.

The Exploit Next GenerationR SQL FingerprintT (f.k.a. Microsoft SQL Server
Fingerprint Tool) is a powerful tool which performs version fingerprinting
for:
	1. Microsoft SQL Server 2000;
	2. Microsoft SQL Server 2005; and
	3. Microsoft SQL Server 2008.

The Exploit Next GenerationR SQL FingerprintT (ESF) uses well-known
techniques based on several public tools that are capable to identify the
Microsoft SQL Server version (such as: SQLping and SQLver), but, instead of
showing only the "raw version" (i.e., Microsoft SQL Version 10.00.2746), the
Exploit Next GenerationR SQL FingerprintT shows the mapped Microsoft SQL
Server version (i.e., Microsoft SQL 2008 SP1 (CU5)). 

The strengths of Exploit Next GenerationR SQL FingerprintT are:
	1. It uses both TCP and UDP protocols to determine the Microsoft SQL
version, making it much more reliable than any other public or commercial
tool.
	2. It is capable to identify multiple Microsoft SQL Server instances
and their TCP communication ports.
	3. It does not require any authentication method to identify the
Microsoft SQL Server version.
	4. It uses probabilistic algorithm to identify the Microsoft SQL
Server version, combining both TCP and UDP fingerprint.

The Exploit Next GenerationR SQL FingerprintT can also be used to identify
vulnerable/unpatched Microsoft SQL Server version, and it is based on some
techniques used by Exploit Next GenerationR Compliance Methodology to
perform automated penetration test. The version 1.10.101008/CTP includes
support to identify the following Microsoft SQL Server versions:
	. Microsoft SQL 2008 SP1 (CU5)
	. Microsoft SQL 2008 SP1 (CU6)
	. Microsoft SQL 2008 SP1 (CU7)
	. Microsoft SQL 2008 SP1 (CU8)
	. Microsoft SQL 2008 SP1 (CU9)
	. Microsoft SQL 2008 SP1 (CU10)
	. Microsoft SQL 2008 SP2 CTP
	. Microsoft SQL 2008 SP2
	. Microsoft SQL 2008 R2 RTM
	. Microsoft SQL 2008 R2 (CU1)
	. Microsoft SQL 2008 R2 (CU2)
	. Microsoft SQL 2008 R2 (CU3)

The Exploit Next GenerationR SQL FingerprintT is currently licensed by
GPLv3, but, until I got all the code revised, the source code will not be
available.

It is available @ http://code.google.com/p/esf/.

Please, be nice and wait for the code review!

Best regards.

Nelson Brito
Security Researcher
http://fnstenv.blogspot.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ