# Accessing Unknown SQL Server in Intranet.



## BlitzMX (Dec 17, 2007)

Hello Everyone

I work in a company with its own intranet and SQL server.
Here is my question:

I am using a web based aplication built in java or ASP.net that acesses an intern SQL server (I think). (I use Chrome to be faster)

The aplication i use has some search options but i need more.
My question is, can i build something to request more info or search with more fields than the one i use?

Where shoud i start to study that?

How do i find the IP of the SQL servr and the proper language i should study to build this aplication i need to search better for the data i want?

Can i build a chrome extension for this? What should i do?

Thank you
Best regards


----------



## Laxer (Dec 28, 2010)

I can't help you with the chrome extension but you could build a page to query information better then what you currently have.

The first thing i would do is contact the webmaster of your company and see if you can get rights to READ the SQL DB.

IF he allows this see if you can write down the structure of the table for me.


----------



## BlitzMX (Dec 17, 2007)

I wont risk that, they may not like the idea of me being interested in that.

However if there is a standard URL or something i could try to open de server, i should be able to access it. 

Can i do that with wireshark or something? to see where data is coming from or going to?

Os maybe watching the source code of the app i use to access the data?


----------



## BlitzMX (Dec 17, 2007)

The search button has this code:

<img id="wtpesquisarimg" alt="" onmouseover="document.getElementById('wtpesquisarimg').src='img/pesquisar_cheio.png';" onmouseout="document.getElementById('wtpesquisarimg').src='img/pesquisar_vazio.png';" src="img/pesquisar_cheio.png" border="0" height="20" width="62">


I suppose the control to get the data is: "document.getElementById"

I would need to see the information this element sends to 
or receaves?


----------



## Laxer (Dec 28, 2010)

I cannot assist you if you do not have permission to the database.

As for the source you posted, its just a simple javascript, nothing to do with the database.

*Just for your knowledge all coding that accesses the database is server side and will not be outputted to the screen when you render the page.*


----------

