Friday, 8 February 2013

MSSQL PHISHING WITH METASPLOIT


Metasploit has a mssql capture module, called mssql. This module provides a fake MSSQL service that is designed to capture MSSQL server authentication credentials. The module supports both the weak encoded database logins as well as Windows logins (NTLM).

To select the capture module type:
use auxiliary/server/capture/mssql


Options
You can set CAINPWFILE option to store captured hashes in Cain&Abel format or JOHNPWFILE to store hashes in John The Ripper format.
Leave SRVHOST option as it is, 0.0.0.0, to listen on the local host. You can configure the module to use SSL.
Testing
After running the module try connecting to the mssql server from another computer on your network to see how it is working.
To connect to a mssql server open your Microsoft SQL Server Management Studio and try to login to the running service.
You will notice that Metasploit has captured the username and the password that you entered in Management Studio.

wawire godwin

About wawire godwin

I am a Professional who has nothing to show, But only my genius.

Subscribe to this Blog via Email :