capsulecorp-pentest icon indicating copy to clipboard operation
capsulecorp-pentest copied to clipboard

Published 20 hours ago verified publisher icon R3dy

MSSQL cli

Open lajudan opened this issue 3 years ago • 3 comments

Mr. Royce, I am not sure but I tried many time and looked at the setting of gohan, SQL server configuration manager, the sa account password, the sql service and the TPC/IP. I ran these commands

  • mssql-cli -S 172.28.128.101 -U sa from pentest
  • sqlcmd -S 172.28.128.101\CAPSULECORPDB -U sa on gohan just to check on connectivity to the SQL database I am getting these errors:

From pentest: Error message: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 40 - Could not open a connection to SQL Server) From gohan: sqlcmd:Error: Microsoft ODBC Driver 13 for SQL Server : Login failed for user 'sa'..

I can ping the server. So I am not really sure what I am missing, why these commands are failing?

lajudan avatar Jul 14 '21 04:07 lajudan

Have you first completed host and service discovery? What ports does nmap say are open on Gohan?

R3dy avatar Jul 14 '21 12:07 R3dy

I ran the Nmap host discovery, port 49768 is the port open to mssql service. The enumerate scan is showing system admin login to this server as: sa WIN-VPVEI0A6767\sa

Is this mean the name the sql server is mapped is WIN-VPVEI0A6767 ? And what is this server name?

Thank you.

lajudan avatar Jul 14 '21 14:07 lajudan

Mr. Royce, Any updates on this?

lajudan avatar Jul 17 '21 20:07 lajudan

Sorry I haven't been responsive on Github issue tracker. It's easier to reach me on Discord!

R3dy avatar Dec 13 '22 16:12 R3dy