Waraxe IT Security Portal  
  Login or Register
::  Home  ::  Search  ::  Your Account  ::  Forums  ::   Waraxe Advisories  ::  Tools  ::
March 28, 2024
Menu
 Home
 Logout
 Discussions
 Forums
 Members List
 IRC chat
 Tools
 Base64 coder
 MD5 hash
 CRC32 checksum
 ROT13 coder
 SHA-1 hash
 URL-decoder
 Sql Char Encoder
 Affiliates
 y3dips ITsec
 Md5 Cracker
 User Manuals
 AlbumNow
 Content
 Content
 Sections
 FAQ
 Top
 Info
 Feedback
 Recommend Us
 Search
 Journal
 Your Account



User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145

People Online:
Visitors: 479
Members: 0
Total: 479
PacketStorm News
·301 Moved Permanently

read more...
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index -> Sql injection -> Connect to MSSQL
Post new topic  Reply to topic View previous topic :: View next topic 
Connect to MSSQL
PostPosted: Sun Jun 25, 2006 8:11 pm Reply with quote
tap
Beginner
Beginner
 
Joined: Jun 20, 2006
Posts: 2




i have an user and pass of sql for a web site like this
Provider=SQLOLEDB.1;Password=*****;Persist Security Info=True;User ID=******;Data Source=********
its windows sql server
how can i use this and with wich tool can connect to this
please help me
thanks
View user's profile Send private message
PostPosted: Mon Jun 26, 2006 2:44 pm Reply with quote
waraxe
Site admin
Site admin
 
Joined: May 11, 2004
Posts: 2407
Location: Estonia, Tartu




What type of access do you have to sql/web server? And where you got that connection string? Anyway you need some access to sql server. For example TCP remote connection through ports 1433 or 2433. But in most cases those ports are not accessible. Then you need physical access to sql server.
Share more info Smile
View user's profile Send private message Send e-mail Visit poster's website
PostPosted: Wed Aug 16, 2006 7:54 am Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




Is there any perl or php script to access mssql.

Following methods seems not to work:
use DBI;
my $DSN = 'driver={SQL
Server};Server=node.domain.com;database=my_database;uid=username;
pwd=userpw;';
my $dbh = DBI->connect("dbi:ODBC:$DSN", 'username', 'userpw',
{ RaiseError => 1, AutoCommit => 1 })
or die "$DBI::errstr\n";

or, in Win32::;

use Win32::ODBC;
my $DSN = 'driver={SQL
Server};Server=node.domain.com;database=my_database;uid=username;
pwd=userpw;';
my $db = new Win32::ODBC("$DSN") or die Win32::ODBC::Error();
View user's profile Send private message
PostPosted: Wed Aug 16, 2006 8:45 am Reply with quote
ToXiC
Moderator
Moderator
 
Joined: Dec 01, 2004
Posts: 181
Location: Cyprus




oxygenne wrote:
Is there any perl or php script to access mssql.

Following methods seems not to work:
use DBI;
my $DSN = 'driver={SQL
Server};Server=node.domain.com;database=my_database;uid=username;
pwd=userpw;';
my $dbh = DBI->connect("dbi:ODBC:$DSN", 'username', 'userpw',
{ RaiseError => 1, AutoCommit => 1 })
or die "$DBI::errstr\n";

or, in Win32::;

use Win32::ODBC;
my $DSN = 'driver={SQL
Server};Server=node.domain.com;database=my_database;uid=username;
pwd=userpw;';
my $db = new Win32::ODBC("$DSN") or die Win32::ODBC::Error();


PHP WITH DSN

Code:
<?php

//connect to a DSN "myDSN"
$conn = odbc_connect('myDSN','','');

if ($conn)
{
  //the SQL statement that will query the database
  $query = "select * from cars";
  //perform the query
  $result=odbc_exec($conn, $query);

  echo "<table border=\"1\"><tr>";

  //print field name
  $colName = odbc_num_fields($result);
  for ($j=1; $j<= $colName; $j++)
  {
    echo "<th>";
    echo odbc_field_name ($result, $j );
    echo "</th>";
  }

  //fetch tha data from the database
  while(odbc_fetch_row($result))
  {
    echo "<tr>";
    for($i=1;$i<=odbc_num_fields($result);$i++)
    {
      echo "<td>";
      echo odbc_result($result,$i);
      echo "</td>";
    }
    echo "</tr>";
  }

  echo "</td> </tr>";
  echo "</table >";

  //close the connection
  odbc_close ($conn);
}
else echo "odbc not connected";
?>

PHP WITHOUT DSN by using a connection string
Code:

<?php
$myServer = "localhost";
$myUser = "your_name";
$myPass = "your_password";
$myDB = "examples";

//create an instance of the  ADO connection object
$conn = new COM ("ADODB.Connection")
  or die("Cannot start ADO");

//define connection string, specify database driver
$connStr = "PROVIDER=SQLOLEDB;SERVER=".$myServer.";UID=".$myUser.";PWD=".$myPass.";DATABASE=".$myDB;
  $conn->open($connStr); //Open the connection to the database

//declare the SQL statement that will query the database
$query = "SELECT * FROM cars";

//execute the SQL statement and return records
$rs = $conn->execute($query);

$num_columns = $rs->Fields->Count();
echo $num_columns . "<br>";

for ($i=0; $i < $num_columns; $i++) {
    $fld[$i] = $rs->Fields($i);
}

echo "<table>";

while (!$rs->EOF)  //carry on looping through while there are records
{
    echo "<tr>";
    for ($i=0; $i < $num_columns; $i++) {
        echo "<td>" . $fld[$i]->value . "</td>";
    }
    echo "</tr>";
    $rs->MoveNext(); //move on to the next record
}


echo "</table>";

//close the connection and recordset objects freeing up resources
$rs->Close();
$conn->Close();

$rs = null;
$conn = null;
?>


To create 'examples' database on your MSSQL Server you should run the following script:

CREATE DATABASE examples;
USE examples;
CREATE TABLE cars(
id int UNIQUE NOT NULL,
name varchar(40),
year varchar(50),
PRIMARY KEY(id)
);

INSERT INTO cars VALUES(1,'Mercedes','2000');
INSERT INTO cars VALUES(2,'BMW','2004');
INSERT INTO cars VALUES(3,'Audi','2001');

_________________
who|grep -i blonde|talk; cd~;wine;talk;touch;unzip;touch; strip;gasp;finger;gasp;mount; fsck; more; yes; gasp; umount; make clean; sleep;wakeup;goto http://www.md5this.com
View user's profile Send private message Visit poster's website MSN Messenger
:(
PostPosted: Wed Aug 16, 2006 6:57 pm Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




Some error ocured Call to a member function on a non-object at this line $conn->open($connStr)
View user's profile Send private message
Re: :(
PostPosted: Fri Aug 18, 2006 9:53 am Reply with quote
ToXiC
Moderator
Moderator
 
Joined: Dec 01, 2004
Posts: 181
Location: Cyprus




oxygenne wrote:
Some error ocured Call to a member function on a non-object at this line $conn->open($connStr)


double check your databse settingz at the top

$myServer = "localhost";
$myUser = "your_name";
$myPass = "your_password";
$myDB = "examples";

_________________
who|grep -i blonde|talk; cd~;wine;talk;touch;unzip;touch; strip;gasp;finger;gasp;mount; fsck; more; yes; gasp; umount; make clean; sleep;wakeup;goto http://www.md5this.com
View user's profile Send private message Visit poster's website MSN Messenger
PostPosted: Fri Aug 18, 2006 6:53 pm Reply with quote
oxygenne
Advanced user
Advanced user
 
Joined: Apr 13, 2005
Posts: 52




I don't know if php was compiled with mssql support anyway here is nice java script that has done the job perfectly

<%@ page contentType="text/html; charset=windows-1255" language="java" import="java.sql.*"%>
<head>
<title> JSP, MSSQL version</title>
</head>
<body bgcolor="white">
<%
try {

Class.forName("com.microsoft.jdbc.sqlserver.SQLServerDriver");
} catch (ClassNotFoundException e) {
out.println("<h1>Driver not found:" + e + e.getMessage() + "</h1>" );
}
try {
Connection conn = DriverManager.getConnection ("jdbc:microsoft:sqlserver://server:1433;DatabaseName=name of database","user", "pass");

Statement stmt = conn.createStatement();
ResultSet rs;

rs = stmt.executeQuery("select * from dbo.database");
out.println( "<table>" );
while ( rs.next() ) {
String title = rs.getString("column1");
String director = rs.getString("column2");
String origin = rs.getString("column3");
String made = rs.getString("column4");
String ment = rs.getString("column5");
String sk = rs.getString("column6");

out.println("<tr><td>"+title+"</td><td>"+director+"</td><td>"+origin+"</td><td>"+ made+"</td><td>"+ment+"</td><td>"+sk+"</td><td>");
}
out.println( "</table>" );

conn.close();
} catch (Exception e) {
out.println( "<h1>exception: "+e+e.getMessage()+"</h1>" );
}
%>
</html>
View user's profile Send private message
Connect to MSSQL
  www.waraxe.us Forum Index -> Sql injection
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT  
Page 1 of 1  

  
  
 Post new topic  Reply to topic  




Powered by phpBB © 2001-2008 phpBB Group






Space Raider game for Android, free download - Space Raider gameplay video - Zone Raider mobile games
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2020 Janek Vind "waraxe"
Page Generation: 0.188 Seconds