Microsoft SQL Server Downgrade Attack

Posted on So, 2011-12-25 in security • Tagged with mssql, mitm, downgrade, metasploit

I took a look at the authentication mechanisms of the native network protocols of some of the more prominent dbms vendors. One of my targets was Microsofts SQL Server 2008 R2. MSSQL provides two methods for authentication: Integrated and Native Authentication. Integrated uses Windows OS user credentials to log into …

Continue reading

TCP Proxy for MITM Attacks in Metasploit

Posted on So, 2011-11-20 in coding • Tagged with metasploit, ruby, mitm

Some time ago I wrote my first metasploit module and therefore had to play around with ruby. The metasploit module I wrote implements a man-in-the-middle attack on an application layer protocol. So my module is both TCP Server and Client and therefore I like to call it TCP Proxy.

Coming …

Continue reading