Forum Thread: Metasploit & Nmap Scan Problem

Metasploit & Nmap Scan Problem

hello, I have a small issue i've been trying to solve here but can't seem to figure out as I am quite new

I try and scan for MSSQL open ports for say a website, and I use metasploit command like so:

use auxiliary/scanner/mssql/mssqlping

and this is what it says: the execution is complete, but doesn't show me any information about the port, if there are any myssql instances. it only says the scanning is complete.

so I tried with nmap and it works when I scan for TCP ports, but when I scan for UDP ports it starts the scan, but never finishes. I dont know if this means it needs a lot of minutes say, 20 or 10, but I have waited probably about 3-4 and it doesnt finish. What am I doing wrong? I need to scan for myssql instances to see where the Database is hidden on a website

any help is very appreciated

6 Responses

It doesn't seem that there was any information for the port, let alone the port existing.

By that I mean, it seems like the website doesn't have the service.

So you are trying to scan a website for an open MSSQL port? Is that what you are trying to do?

It could possibly be the site doesn't have mySQL facing outwards. Also the nmap scan is a little weird, could you post the exact command you ran?

I run the nmap scan command like so

nmap -sV -p 1433 xx-xx-xxx-xx/24

which works for TCP but when I do UDP it doesn't finish

nmap -sV -sU -n -p 1434 xx-xx-xxx-xx/24

I run the nmap scan command like so

nmap -sV -p 1433 xx-xx-xxx-xx/24

which works for TCP but when I do UDP it doesn't finish

nmap -sV -sU -n -p 1434 xx-xx-xxx-xx/24

and yes I am trying to scan a website for MSSQL databases, see what port they are hidden on

Share Your Thoughts

  • Hot
  • Active