Database Penetration Test Process/Checklist

  • [ ] Scan for defaults ports used by the database
  • [ ] Scan for nondefault ports used by the database
  • [ ] Identify the instance names used by the database.
  • [ ] Identify the version number of the database
  • [ ] Sniff database-related traffic on the local wire. * [ ] Test Microsoft SQL Server * [ ] Test for direct access interrogation * [ ] Scan for MSSQL Server Ports (TCP/UDP 1433) * [ ] Scan for MSSQL Resolutions Services * [ ] Test for buffer overflows in extended stored procedures * [ ] Test for service account registry key. * [ ] Test for SQL injection attack vulnerability. * [ ] Test for blind SQL injection attack vulnerability * [ ] Test for vulnerability to Google hacks * [ ] Attempt direct-exploit attacks * [ ] Try to retrieve server account list * [ ] Use osql test for default/common passwords. * [ ] Try to retrieve the sysxlogins table * [ ] Brute-force the SA account.
  • [ ] Test Oracle Server * [ ] Port-scan UDP/TCP ports (TCP/UDP 1433)
  • [ ] Check the status of TNS Listener Running on the Oracle Server.
  • [ ] Try to log in using defaults account passwords.
  • [ ] Try to enumerate SIDs
  • [ ] Test MySQL Server * [ ] Port-scan UDP/TCP ports
  • [ ] Extract the version of the database being used.
  • [ ] Try to log in using default/common passwords
  • [ ] Use a dictionary attack to try to break into account’s
  • [ ] Extract system and user tabled from the database.

Trusted Veteran | Compassionate. Aspiring. Resourceful.