hello, I have a small issue i've been trying to solve here but can't seem to figure out as I am quite new
I try and scan for MSSQL open ports for say a website, and I use metasploit command like so:
use auxiliary/scanner/mssql/mssqlping
and this is what it says: the execution is complete, but doesn't show me any information about the port, if there are any myssql instances. it only says the scanning is complete.
so I tried with nmap and it works when I scan for TCP ports, but when I scan for UDP ports it starts the scan, but never finishes. I dont know if this means it needs a lot of minutes say, 20 or 10, but I have waited probably about 3-4 and it doesnt finish. What am I doing wrong? I need to scan for myssql instances to see where the Database is hidden on a website
any help is very appreciated
6 Responses
It doesn't seem that there was any information for the port, let alone the port existing.
By that I mean, it seems like the website doesn't have the service.
So you are trying to scan a website for an open MSSQL port? Is that what you are trying to do?
It could possibly be the site doesn't have mySQL facing outwards. Also the nmap scan is a little weird, could you post the exact command you ran?
I run the nmap scan command like so
nmap -sV -p 1433 xx-xx-xxx-xx/24
which works for TCP but when I do UDP it doesn't finish
nmap -sV -sU -n -p 1434 xx-xx-xxx-xx/24
I run the nmap scan command like so
nmap -sV -p 1433 xx-xx-xxx-xx/24
which works for TCP but when I do UDP it doesn't finish
nmap -sV -sU -n -p 1434 xx-xx-xxx-xx/24
and yes I am trying to scan a website for MSSQL databases, see what port they are hidden on
Share Your Thoughts