Richard Bucker

Attacking MS SQL Server

Posted at — Nov 29, 2013

Someone decided that a SQL Server installation should be permitted to run naked on the internet and that a firewall by itself was sufficient to keep it secure. When in reality there were multiple user accounts like the ‘SA’ account with default passwords. Interestingly, SQL Server supported binary plugins with root elevation and VOILA. Instant root.