Thanks both.
Miroslav - that's what I thought, I just wanted to make sure there was no
obvious technique I was missing out on.
Johnny - Part of the output from the tool you suggested is:
[INFO] Checking OpenRowSet availibility - please wait...
So I assume it still requires this technique.
Obv
Another tool which I've used on tests is SQLiX. Although its not
supported/updated anymore, it works fine for your purpose:
https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project
On Apr 26, 2012, at 4:09 PM, Miroslav Stampar
wrote:
> Hi Chris.
>
> To my knowledge no, but if that DBMS s
Hi Chris.
To my knowledge no, but if that DBMS server is exposed you can always try
brute forcing it directly (e.g.
http://www.offensive-security.com/metasploit-unleashed/MSSQL_Bruter)
Kind regards,
Miroslav Stampar
On Mon, Apr 23, 2012 at 10:52 PM, Chris Oakley wrote:
> Hi All
>
> Not directl
