Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: MS SQL MDF FILE

from [Sanders, Jonathan] Network Security [Permanent Link]
Subject: RE: MS SQL MDF FILE
Date: Mon, 14 Mar 2005 10:49:07 -0600 

For things like this, I keep a copy of MSDE running on my laptop that I
can attach any MDF files to. You can get it here, it's free:

http://www.microsoft.com/sql/msde/default.asp

YMMV...

Jonathan


-----Original Message-----
From: Felikz [mailto:securityfocus@felikz.net]
Sent: Monday, March 14, 2005 10:02 AM
To: Irvin Temp
Cc: pen-test@securityfocus.com
Subject: Re: MS SQL MDF FILE

You should be able to "attach" it to any other SQL Server, one step of
this is to select the database owner thus giving you full access to it's

contents.

Irvin Temp wrote:


Im currently doing a VA of our MS SQL Database
servers.
I was able to download a backup of our MDF file from
one of the DB Server.

When i open the MDF file using "vi" editor in UNIX,
the
file appears to be cryptic. Is there a way to decipher

the contents of the file. I would like to show the to
the
full extent of the risks involved when an MDF file has

been captured from a database server.

Thanks!

Regards,

HY




Confidentiality Notice: This e-mail communication and any attachments may 
contain
confidential and privileged information for the use of the designated 
recipients named above. If
you are not the intended recipient, you are hereby notified that you have 
received this
communication in error and that any review, disclosure, dissemination, 
distribution or
copying of it or its contents is prohibited. If you have received this 
communication in
error, please notify me immediately by replying to this message and deleting it 
from your
computer. Thank you.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Nessus against Novell file servers., Roni Bachar
Next by Date:  Re: Pen Testing capabilities of Flash Files, Fausto Napolitano
Previous by Thread:  Re: MS SQL MDF FILE, Felikz
Next by Thread:  Oracle hash-list?, Jeroen
Indexes:  [Date] [Thread] [Top] [All Lists]