Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Scanner for type of database server

  1. #1
    Senior Member
    Join Date
    Jul 2008
    Posts
    153

    Scanner for type of database server

    Hi,
    Is there any scanner for recognition of the type of database server of a site? I wanted to use Absinthe and it wanted to know if the server was my sql server, oracle RDBMS, postgrade sql and or Sybase?

    To be special what do you think about the following server's database:
    Server: Microsoft-IIS/6.0
    X-Powered-By: ASP.NET
    X-AspNet-Version: 1.1.4322
    Location: /myaccount/default.aspx
    Set-Cookie: cMemberCredentials=3i444iLzTnM%253d; expires=Thu, 24-Sep-2009 23:04:17 GMT; path=/
    Cache-Control: private
    Content-Type: text/html; charset=utf-8
    Content-Length: 22340

    From nmap I know that the OS is windows 2003 sp1(if I remember correcly)

  2. #2
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    I doubt it since you usually do not interface with the database directly when going to a website.

  3. #3
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    You will need to do a bit more digging on the domain to get information regarding the database that is in use.

    try to get the domain to produce some kind of database error message. That way it will tell you the type that is in use.

    also make sure that you have friendly http error message's disable via your browser.

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Quote Originally Posted by boyboy400
    To be special what do you think about the following server's database:
    Server: Microsoft-IIS/6.0
    That's not the database. That's the Internet Information Services.. aka standard windows webserver.

    From nmap I know that the OS is windows 2003 sp1(if I remember correcly)
    The "Microsoft-IIS/6.0" made that clear already, maybe not the SP level but you don't need that info anyway if you're going to attack the web application. The nmap scan might have triggered their IDS..
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member
    Join Date
    Jul 2008
    Posts
    153
    Quote Originally Posted by SirDice
    That's not the database. That's the Internet Information Services.. aka standard windows webserver.


    The "Microsoft-IIS/6.0" made that clear already, maybe not the SP level but you don't need that info anyway if you're going to attack the web application. The nmap scan might have triggered their IDS..
    Thanks all...
    (Being a little funny, I can say that:
    the following database=the database that's mentioned below
    the following server's database=the database of the server that's mentioned below
    I don't know much about the database servers and their compatibilities so I wanted you advise that in such condition what would be your chose for database server.........forget it now I have some more important things to say)

    I asked this question from someone else, he saw the site and said it uses 90% the mssql.

    Some more info I have is that the site has 4 to 5 different names:
    www.mmm.com
    www.mmm.biz
    www.mmm.eu
    and 2 more names which are different from mmm.......
    The interesting part is that when I try http://mmm.eu
    it gives me the following page:
    ////////////////////////////////////////////
    The page cannot be displayed
    You have attempted to execute a CGI, ISAPI, or other executable program from a directory that does not allow programs to be executed.

    Please try the following:

    * Contact the Web site administrator if you believe this directory should allow execute access.

    HTTP Error 403.1 - Forbidden: Execute access is denied.
    Internet Information Services (IIS)

    Technical Information (for support personnel)

    * Go to Microsoft Product Support Services and perform a title search for the words HTTP and 403.
    * Open IIS Help, which is accessible in IIS Manager (inetmgr), and search for topics titled Configuring ISAPI Extensions, Configuring CGI Applications, Securing Your Site with Web Site Permissions, and About Custom Error Messages.
    * In the IIS Software Development Kit (SDK) or at the MSDN Online Library, search for topics titled Developing ISAPI Extensions, ISAPI and CGI, and Debugging ISAPI Extensions and Filters.
    //////////////////////////////////////
    Can it be of any help? And if so, what type of vulnerability you think it might has? Do you remember any special thing in metasploit that can help?
    Thanks

  6. #6
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    boyboy400

    what is the question???


    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #7
    Senior Member
    Join Date
    Jul 2008
    Posts
    153
    My first question was that is there any database server scanner that tell us what type of database server an arbitrary site uses?
    The answer was "apparently not. You have to play with the site!! a little and wait for an error from the server like: "an error occurred in the mysql line ...." or things like that.
    Then the discussion changed to an example that I want to know its database server type? You can see the only error I could find (I don't know if it can help or not). Now according to your experience tell me please the database server type of the site (if you guess something) and if you guess any vuln in the site?

  8. #8
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    You have lots to learn young padawan...

    None of the errors or headers you've shown here are related to a database. They're all webserver generated messages.

    Now, from experience I know that if the webserver is prototypical MS, the database behind it probably is too.

    Educated guess? MS-SQL.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  9. #9
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    I asked this question from someone else, he saw the site and said it uses 90% the mssql.
    I would just have your friend look at it....he appears to be pretty intuitive. :?

    As Sir Dice has said.....the server is obviously running IIS....good chance the OS is MS....so good chance the database is MSSQL

    But.....how do you know the database is on the same server?

    I have seen many websites use Mysql.

    as for exploits there is a ton of stuff on SQL exploits on the world wide interweb....

    Google is your friend

    MLF
    Last edited by morganlefay; September 26th, 2008 at 01:07 PM.
    How people treat you is their karma- how you react is yours-Wayne Dyer

  10. #10
    Banned
    Join Date
    Jan 2008
    Posts
    605
    as for exploits there is a ton of stuff on SQL exploits on the world wide interweb.
    Not at all. There is a big difference between web application flaws and localized problems that effected SQL directly. Get real.

Similar Threads

  1. Autopsy of a successful intrusion
    By gore in forum Miscellaneous Security Discussions
    Replies: 11
    Last Post: June 13th, 2006, 04:06 AM
  2. Error accessing GPO
    By MrPacket in forum Operating Systems
    Replies: 16
    Last Post: February 26th, 2006, 05:32 AM
  3. Slack BSD
    By gore in forum Operating Systems
    Replies: 2
    Last Post: February 25th, 2005, 08:12 AM
  4. Windows 2000 Tips
    By Nokia in forum Tips and Tricks
    Replies: 0
    Last Post: June 12th, 2004, 05:13 PM
  5. How do Instant Message Services Work?
    By Lansing_Banda in forum Network Security Discussions
    Replies: 2
    Last Post: October 5th, 2003, 02:14 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •