Support to identify linked/cluster DBMS servers when possible

Open bdamele opened this issue 13 years ago • 4 comments

Identify linked/cluster DBMS servers when possible (e.g. MSSQL)

bdamele avatar Jun 26 '12 14:06 bdamele

https://github.com/rapid7/metasploit-framework/pull/976

stamparm avatar Jan 05 '13 20:01 stamparm

Proposed enhancements to MSSQL enumeration:

  1. Add support for linked server enumeration:
     • Proposed cmd: --links
     • Example method: SELECT srvname FROM master..sysservers
  2. Add support for schema enumeration on linked servers:
     • Proposed cmd: -S _LINKEDSERVER_ --dbs
     • Example method: SELECT name FROM _LINKEDSERVER_.master.sys.databases
  3. Add support for sql shell on linked servers.

More info: https://blog.netspi.com/how-to-hack-database-links-in-sql-server/

Thoughts?

ghost avatar Oct 06 '16 13:10 ghost
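
Added example, not part of the thread and not sqlmap code: the defender-side counterpart of the enumeration proposed above, a T-SQL inventory of an instance's linked servers and their login mappings that flags the configurations worth reviewing. It relies on the sys.servers, sys.linked_logins and sys.server_principals catalog views; the wording of the finding labels is this example's own.

```sql
-- Added example: inventory of linked servers and login mappings on a
-- SQL Server instance, for a defender's configuration review.
SELECT
    s.name                    AS linked_server,
    s.product,
    s.provider,
    s.data_source,
    s.is_data_access_enabled, -- 1 = distributed queries (four-part names, OPENQUERY) allowed
    s.is_rpc_out_enabled,     -- 1 = remote procedure calls to the linked server allowed
    CASE
        WHEN ll.local_principal_id = 0 THEN '(all local logins)'
        ELSE COALESCE(sp.name, '(unknown principal)')
    END                       AS local_login,
    ll.uses_self_credential,  -- 1 = the caller's own credentials are passed through
    ll.remote_name,           -- fixed remote login used when uses_self_credential = 0
    CASE
        WHEN ll.local_principal_id = 0
             AND ll.uses_self_credential = 0
             AND ll.remote_name IS NOT NULL
        THEN 'REVIEW: every local login maps to one fixed remote login'
        WHEN s.is_rpc_out_enabled = 1
        THEN 'REVIEW: RPC OUT enabled'
        ELSE ''
    END                       AS finding   -- label text is this example's own
FROM sys.servers AS s
LEFT JOIN sys.linked_logins AS ll
       ON ll.server_id = s.server_id
LEFT JOIN sys.server_principals AS sp
       ON sp.principal_id = ll.local_principal_id
WHERE s.is_linked = 1                      -- skip the local server entry
ORDER BY s.name, local_login;
```

A row flagged for a fixed remote login means any login on this instance, including the low-privileged account behind a web application, reaches the remote server with that mapped account's rights.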

@lukapusic doable... though, only MsSQL as I can see. So, introducing too many new options for just one DBMS is a coding anti-pattern in sqlmap.

stamparm avatar Oct 06 '16 20:10 stamparm

+1 for this. I've had lots of success pillaging through DB links.

FWIW, database links aren't limited to just MSSQL. Oracle has them as well. https://docs.oracle.com/html/E25494_01/ds_concepts002.htm

leechristensen avatar Sep 28 '17 10:09 leechristensen