Authentication

Testing credentials

You can use two methods to authenticate to the MSSQL: windows or local (default: windows). To use local auth, add the following flag --local-auth

Windows auth

  1. 1.
    With SMB port open
1
#~ cme mssql 10.10.10.52 -u james -p '[email protected][email protected]!'
Copied!
  1. 1.
    With SMB port close, add the flag -d DOMAIN
1
#~ cme mssql 10.10.10.52 -u james -p '[email protected][email protected]!' -d HTB
Copied!
Expected Results:
1
MSSQL 10.10.10.52 1433 MANTIS [+] HTB\james:[email protected][email protected]!
Copied!

Local auth

1
#~ cme mssql 10.10.10.52 -u admin -p '[email protected][email protected]!' --local-auth
Copied!
Expected Results:
1
MSSQL 10.10.10.52 1433 None [+] admin:[email protected][email protected]! (Pwn3d!)
Copied!

Specify Ports

1
#~ cme mssql 10.10.10.52 -u admin -p '[email protected][email protected]!' --port 1434
Copied!