SQLScan is a Windows GUI scanner tailored specifically to finding SQL servers that may be vulnerable to the recent SQL "Slammer" or "SQHell" worm that attacks vulnerable Microsoft SQL 2000 servers.
Use of the tool should be fairly self-evident. Enter a list of IP addresses to be scanned in the IP list. You can continually add to the list and can pull in a pre-built list of IP addresses from a file if you wish. IP addresses in the file can be specified as single IPs (10.1.2.3), or ranges (10.1.2.3-10.3.4.5, or 10.1.2.3-254 etc.). Right-clicking with the mouse on the IP list window will allow you to directly paste lists of IPs from the clipboard.
Choose which SQL port you would like to scan by entering it in the port selection edit box. Port 1434 is used by default but this can be changed to anything more appropriate for the network you are scanning.
When you are ready, click the Start button (right blue arrow). To stop the scan click the Stop button (blue square).
The program will attempt to extract and display the SQL query response string from responding hosts. If this is not able to be determined nothing will be shown in the response field.
Right-clicking on an entry in the list of discovered hosts will bring up a menu where you can select to copy the relevant IP address or the entire displayed line to the clipboard.
When the scan has completed you can save the list of discovered hosts to a file by clicking the "Save..." button at the bottom right of the window. You can save in either HTML or comma-separated (CSV) format by choosing an appropriate file extension. The file will be saved in the same manner as it is displayed i.e. if you have chosen to sort the list by clicking one of the column headers that is how it will appear in the file.