[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nessus-plugins-writers
Subject:    Re: [Plugins-writers] mssql_blank_password.nasl and
From:       Dennis Jackson <Dennis.Jackson () ndirect ! co ! uk>
Date:       2004-02-26 21:46:34
Message-ID: v03110702bc641842cc01 () [192 ! 168 ! 1 ! 33]
[Download RAW message or body]

At 1:37 +0000 26/2/2004, H D Moore wrote:
> I consider these two separate vulnerabilities. The reason is that blank 
> passwords are normally the result of a default configuration or insecure 
> application install (many apps bundle a wide-open MSDE service), where a 
> common or weak account password is a admin/developer training issue. 

I would have thought the vulnerability is the same - an 
easily guessable password.

However, the reason for the vulnerability may be the 
result of different actions.

Although the name of the script is mssql_brute_force.nasl 
it only check 11 different combinations of username and 
password. It isn't really a brute force attempt at guessing 
the password. 


> Maybe move the login routines into a mssql_funcs.inc and have each plugin 
> include it? Combining them into one plugin would work, provided the 
> report differentiates between blank and weak passwords.

mssql_brute_force.nasl already reports the username and 
password. The only addition would be an explanation that 
a blank password is likely to be the result of a default 
install.


> On Wednesday 25 February 2004 18:14, Dennis Jackson wrote:
> > Should the two scripts mssql_blank_password.nasl and
> > mssql_brute_force.nasl be merged into one?
> >
> > The first script simply tests for the combination of
> > username "sa" password "". While the second scripts tests
> > for eleven different combinations of username and
> > password. It would be trivial to add "sa" / "" into the
> > list in mssql_brute_force.nasl
> >
> > As a further change, some of the description in
> > mssql_blank_password.nasl should be added into the report
> > produced by mssql_brute_force.nasl
> >
> >
> > Dennis.



[prev in list] [next in list] [prev in thread] [next in thread]