ms-sql-dac
脚本使用类型:
hostrule
脚本所属分类:
discovery, safe
脚本下载地址: http://nmap.org/svn/scripts/ms-sql-dac.nse
Queries the Microsoft SQL Browser service for the DAC (Dedicated Admin Connection) port of a given (or all) SQL Server instance. The DAC port is used to connect to the database instance when normal connection attempts fail, for example, when server is hanging, out of memory or in other bad states. In addition, the DAC port provides an admin with access to system objects otherwise not accessible over normal connections.
The DAC feature is accessible on the loopback adapter per default, but can be activated for remote access by setting the 'remote admin connection' configuration value to 1. In some cases, when DAC has been remotely enabled but later disabled, the sql browser service may incorrectly report it as available. The script therefore attempts to connect to the reported port in order to verify whether it's accessible or not.
执行格式
sudo nmap -sU -p 1434 --script ms-sql-dac <ip>
| ms-sql-dac: |_ Instance: SQLSERVER; DAC port: 1533
Author: Patrik Karlsson
License: VER007 整理 http://www.ver007.com