Waraxe IT Security Portal
Login or Register
November 21, 2024
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 67
Members: 0
Total: 67
Full disclosure
SEC Consult SA-20241112-0 :: Multiple vulnerabilities in Siemens Energy Omnivise T3000 (CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879)
Security issue in the TX Text Control .NET Server for ASP.NET.
SEC Consult SA-20241107-0 :: Multiple Vulnerabilities in HASOMED Elefant and Elefant Software Updater
Unsafe eval() in TestRail CLI
4 vulnerabilities in ibmsecurity
32 vulnerabilities in IBM Security Verify Access
xlibre Xnest security advisory & bugfix releases
APPLE-SA-10-29-2024-1 Safari 18.1
SEC Consult SA-20241030-0 :: Query Filter Injection in Ping Identity PingIDM (formerly known as ForgeRock Identity Management) (CVE-2024-23600)
SEC Consult SA-20241023-0 :: Authenticated Remote Code Execution in Multiple Xerox printers (CVE-2024-6333)
APPLE-SA-10-28-2024-8 visionOS 2.1
APPLE-SA-10-28-2024-7 tvOS 18.1
APPLE-SA-10-28-2024-6 watchOS 11.1
APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Sql injection -> Connect to MSSQL
Post new topicReply to topic View previous topic :: View next topic
Connect to MSSQL
PostPosted: Sun Jun 25, 2006 8:11 pm Reply with quote
tap
Beginner
Beginner
Joined: Jun 20, 2006
Posts: 2




i have an user and pass of sql for a web site like this
Provider=SQLOLEDB.1;Password=*****;Persist Security Info=True;User ID=******;Data Source=********
its windows sql server
how can i use this and with wich tool can connect to this
please help me
thanks
View user's profile Send private message
PostPosted: Mon Jun 26, 2006 2:44 pm Reply with quote
waraxe
Site admin
Site admin
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




What type of access do you have to sql/web server? And where you got that connection string? Anyway you need some access to sql server. For example TCP remote connection through ports 1433 or 2433. But in most cases those ports are not accessible. Then you need physical access to sql server.
Share more info Smile
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Wed Aug 16, 2006 7:54 am Reply with quote
oxygenne
Advanced user
Advanced user
Joined: Apr 13, 2005
Posts: 52




Is there any perl or php script to access mssql.

Following methods seems not to work:
use DBI;
my $DSN = 'driver={SQL
Server};Server=node.domain.com;database=my_database;uid=username;
pwd=userpw;';
my $dbh = DBI->connect("dbi:ODBC:$DSN", 'username', 'userpw',
{ RaiseError => 1, AutoCommit => 1 })
or die "$DBI::errstr\n";

or, in Win32::;

use Win32::ODBC;
my $DSN = 'driver={SQL
Server};Server=node.domain.com;database=my_database;uid=username;
pwd=userpw;';
my $db = new Win32::ODBC("$DSN") or die Win32::ODBC::Error();
View user's profile Send private message
PostPosted: Wed Aug 16, 2006 8:45 am Reply with quote
ToXiC
Moderator
Moderator
Joined: Dec 01, 2004
Posts: 181
Location: Cyprus




oxygenne wrote:
Is there any perl or php script to access mssql.

Following methods seems not to work:
use DBI;
my $DSN = 'driver={SQL
Server};Server=node.domain.com;database=my_database;uid=username;
pwd=userpw;';
my $dbh = DBI->connect("dbi:ODBC:$DSN", 'username', 'userpw',
{ RaiseError => 1, AutoCommit => 1 })
or die "$DBI::errstr\n";

or, in Win32::;

use Win32::ODBC;
my $DSN = 'driver={SQL
Server};Server=node.domain.com;database=my_database;uid=username;
pwd=userpw;';
my $db = new Win32::ODBC("$DSN") or die Win32::ODBC::Error();


PHP WITH DSN

Code:
<?php

//connect to a DSN "myDSN"
$conn = odbc_connect('myDSN','','');

if ($conn)
{
//the SQL statement that will query the database
$query = "select * from cars";
//perform the query
$result=odbc_exec($conn, $query);

echo "<table border=\"1\"><tr>";

//print field name
$colName = odbc_num_fields($result);
for ($j=1; $j<= $colName; $j++)
{
echo "<th>";
echo odbc_field_name ($result, $j );
echo "</th>";
}

//fetch tha data from the database
while(odbc_fetch_row($result))
{
echo "<tr>";
for($i=1;$i<=odbc_num_fields($result);$i++)
{
echo "<td>";
echo odbc_result($result,$i);
echo "</td>";
}
echo "</tr>";
}

echo "</td> </tr>";
echo "</table >";

//close the connection
odbc_close ($conn);
}
else echo "odbc not connected";
?>

PHP WITHOUT DSN by using a connection string
Code:

<?php
$myServer = "localhost";
$myUser = "your_name";
$myPass = "your_password";
$myDB = "examples";

//create an instance of the ADO connection object
$conn = new COM ("ADODB.Connection")
or die("Cannot start ADO");

//define connection string, specify database driver
$connStr = "PROVIDER=SQLOLEDB;SERVER=".$myServer.";UID=".$myUser.";PWD=".$myPass.";DATABASE=".$myDB;
$conn->open($connStr); //Open the connection to the database

//declare the SQL statement that will query the database
$query = "SELECT * FROM cars";

//execute the SQL statement and return records
$rs = $conn->execute($query);

$num_columns = $rs->Fields->Count();
echo $num_columns . "<br>";

for ($i=0; $i < $num_columns; $i++) {
$fld[$i] = $rs->Fields($i);
}

echo "<table>";

while (!$rs->EOF) //carry on looping through while there are records
{
echo "<tr>";
for ($i=0; $i < $num_columns; $i++) {
echo "<td>" . $fld[$i]->value . "</td>";
}
echo "</tr>";
$rs->MoveNext(); //move on to the next record
}


echo "</table>";

//close the connection and recordset objects freeing up resources
$rs->Close();
$conn->Close();

$rs = null;
$conn = null;
?>


To create 'examples' database on your MSSQL Server you should run the following script:

CREATE DATABASE examples;
USE examples;
CREATE TABLE cars(
id int UNIQUE NOT NULL,
name varchar(40),
year varchar(50),
PRIMARY KEY(id)
);

INSERT INTO cars VALUES(1,'Mercedes','2000');
INSERT INTO cars VALUES(2,'BMW','2004');
INSERT INTO cars VALUES(3,'Audi','2001');

_________________
who|grep -i blonde|talk; cd~;wine;talk;touch;unzip;touch; strip;gasp;finger;gasp;mount; fsck; more; yes; gasp; umount; make clean; sleep;wakeup;goto http://www.md5this.com
View user's profile Send private message Visit poster's website MSN Messenger
:(
PostPosted: Wed Aug 16, 2006 6:57 pm Reply with quote
oxygenne
Advanced user
Advanced user
Joined: Apr 13, 2005
Posts: 52




Some error ocured Call to a member function on a non-object at this line $conn->open($connStr)
View user's profile Send private message
Re: :(
PostPosted: Fri Aug 18, 2006 9:53 am Reply with quote
ToXiC
Moderator
Moderator
Joined: Dec 01, 2004
Posts: 181
Location: Cyprus




oxygenne wrote:
Some error ocured Call to a member function on a non-object at this line $conn->open($connStr)


double check your databse settingz at the top

$myServer = "localhost";
$myUser = "your_name";
$myPass = "your_password";
$myDB = "examples";

_________________
who|grep -i blonde|talk; cd~;wine;talk;touch;unzip;touch; strip;gasp;finger;gasp;mount; fsck; more; yes; gasp; umount; make clean; sleep;wakeup;goto http://www.md5this.com
View user's profile Send private message Visit poster's website MSN Messenger
PostPosted: Fri Aug 18, 2006 6:53 pm Reply with quote
oxygenne
Advanced user
Advanced user
Joined: Apr 13, 2005
Posts: 52




I don't know if php was compiled with mssql support anyway here is nice java script that has done the job perfectly

<%@ page contentType="text/html; charset=windows-1255" language="java" import="java.sql.*"%>
<head>
<title> JSP, MSSQL version</title>
</head>
<body bgcolor="white">
<%
try {

Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver");
} catch (ClassNotFoundException e) {
out.println("<h1>Driver not found:" + e + e.getMessage() + "</h1>" );
}
try {
Connection conn = DriverManager.getConnection ("jdbc:microsoft:sqlserver://server:1433;DatabaseName=name of database","user", "pass");

Statement stmt = conn.createStatement();
ResultSet rs;

rs = stmt.executeQuery("select * from dbo.database");
out.println( "<table>" );
while ( rs.next() ) {
String title = rs.getString("column1");
String director = rs.getString("column2");
String origin = rs.getString("column3");
String made = rs.getString("column4");
String ment = rs.getString("column5");
String sk = rs.getString("column6");

out.println("<tr><td>"+title+"</td><td>"+director+"</td><td>"+origin+"</td><td>"+ made+"</td><td>"+ment+"</td><td>"+sk+"</td><td>");
}
out.println( "</table>" );

conn.close();
} catch (Exception e) {
out.println( "<h1>exception: "+e+e.getMessage()+"</h1>" );
}
%>
</html>
View user's profile Send private message
Connect to MSSQL
www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT
Page 1 of 1

Post new topicReply to topic


Powered by phpBB © 2001-2008 phpBB Group



Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.065 Seconds