178
◾
Ethical Hacking and Penetration Testing Guide
Using Null Passwords
We can also attempt to authenticate into the MS SQL server by using a null password. We can
do this by using an nmap script called ms-sql-empty-password. The
syntax for the script is as
follows:
nmap –p 1433 --script=ms-sql-empty-password
The output would look like this, if the log-in is successful:
| ms-sql-empty-password:
| [172.16.222.152\PROD]
|_ sa: => Login Success
Dostları ilə paylaş: