MSDAT - Microsoft SQL(MsSQL) Database Attacking Tool.

MSDAT – Microsoft SQL(MsSQL) Database Attacking Tool.

LEGAL DISCLAMER!
The author does not hold any responsibility about the bad use of this script, remember that attacking targets without prior concent its ilegal and punish by law, this script was build to show how resource files can automate tasks.

MSDAT (Microsoft SQL Database Attacking Tool) is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely.

msdat

Usage examples of MSDAT:
– You have a Microsoft database listening remotely and you want to find valid credentials in order to connect to the database
– You have a valid Microsoft SQL account on a database and you want to escalate your privileges
– You have a valid Microsoft SQL account and you want to execute commands on the operating system hosting this DB (xp_cmdshell)
Tested on Microsof SQL database 2008 and 2012.

Features:
MSDAT (Microsoft SQL Database Attacking Tool), you can:
+ get technical information (ex: database version) of a MSSQL database without to be authenticated
+ search MSSQL accounts with a dictionnary attack
+ test each login as password (authentication required)
+ get a windows shell on the database server with
-+- xp_cmdshell
+ download files remotely with:
-+- OLE Automation
-+- bulkinsert
-+- openrowset
+ upload files on the server with:
-+- OLE Automation
-+- openrowset
+ capture a SMB authentication thanks to:
-+- bulkinsert
-+- openrowset
-+- xp_dirtree
-+- xp_fileexist
-+- xp-getfiledetails
+ steal MSSQL hashed password, on an any MSSQL version
+ scan ports through the database:
-+- openrowset
+ execute SQL requests on a remote MSSQL server trough the database (target) with:
-+- bulkinsert
-+- openrowset
+ list files/directories with:
-+- xp_subdirs
-+- xp_dirtree
+ list drives/medias with:
-+- xp_fixeddrives
-+- xp_availablemedia
+ create folder with:
-+- xp_create_subdir

Use and Download:

Source: https://github.com/quentinhardy