
mssql for pentester

  1. x32x01

    MSSQL for Pentester: Command Execution with xp_cmdshell

    Today’s article is the third article in the series on MSSQL Server and its penetration testing. In this article, we will be discovering and exploiting the security aspects of the xp_cmdshell functionality. Table of Content Introduction What is xp_cmdshell? Enabling xp_cmdshell Manually...
  2. x32x01

    MSSQL for Pentester: Nmap

    To obtain basic information such as database names, usernames, names of tables, etc. from the SQL servers on the Windows operating system, we will execute penetration testing using Nmap scripts. MSSQL is Microsoft SQL Server for database management in the network. By default, it runs on port...
  3. x32x01

    MSSQL for Pentester: Command Execution with Ole Automation

    OLE automation is a process through which an application can access and manipulate the implied objects in other applications. Hence, in this article, we will learn how to use OLE automation to our benefit. Table of Content: What is OLE Automation? What are Facets? How to enable OLE Automation? GUI...
  4. x32x01

    MSSQL for Pentester: Command Execution with CLR Assembly

    In this article, we will learn all about the CLR assembly functionality provided by Microsoft and how we can exploit it to our potential. Table of Content: What is Common Language Runtime Integration? Trustworthy Database Property Enabling CLR Integration with GUI Check and Enabling Trustworthy...
  5. x32x01

    MSSQL for Pentester: Metasploit

    In this article, we will learn in detail how to pentest MSSQL servers using the Metasploit framework. Table of content Introduction Information Gathering & Enumeration Locating MSSQL Server Password Cracking Retrieving MSSQL version MSSQL Enumeration SQL Users Enumeration Capturing MSSQL...
  6. x32x01

    MSSQL for Pentester: Impersonate

    In this article, we will learn about the Impersonate feature that MSSQL servers offer. The earliest implementation of Impersonate was in SQL Server 7.0, released January 1993. This command is used to authenticate a user on behalf of another user. Let’s learn all about it now. Table of Content...
  7. x32x01

    MSSQL for Pentester: Command Execution with External Scripts

    In this article, we will learn about SQL servers and how to exploit their external scripts to our potential. Table of content Introduction to SQL Server Installation of SQL Server Executing Python Script Executing R Script Introduction to SQL Server Microsoft has released a lot of versions for SQL...
  8. x32x01

    MSSQL for Pentester: Abusing Trustworthy

    In this article, we will learn how to give sysadmin rights to a user who has only fundamental public rights. Technically, we will apply privilege escalation logic and give the sysadmin privilege to a regular public user. And abuse the trustworthy property, given that it is enabled on the...
  9. x32x01

    MSSQL for Pentester: Abusing Linked Database

    This article is another addition to our MSSQL for Pentesters series. In this article, we will learn how to create a linked server and exploit it. Table of content Introduction to Link Servers Lab Set-Up Exploiting Link Server Enumeration Code Execution with PowerUpSQL & Metasploit...
  10. x32x01

    MSSQL for Pentester: Stored Procedures Persistence

    In this article, we will learn one of many ways to gain persistence in SQL servers. This article is an addition to our MSSQL for Pentesters series. Gaining persistence is one of the significant steps when performing Red Team operations. And when performing such operations on MSSQL, there are...
  11. x32x01

    MSSQL for Pentester: Hashing

    In this article, we will learn about multiple ways to get hashes of MSSQL users. Every version of MSSQL has different hashes. We have performed our practical on SQL Server 2016 version. Once we find the hashes, we will use JohnTheRipper to crack them. Table of Content Introduction to Hashing...
  12. x32x01

    MSSQL for Pentester: Command Execution with Extended Stored Procedures

    Extended stored procedures are DLL files that are referenced by the SQL Server by having the extended stored procedure created, which then references functions or procedures within the DLL. The DLLs which are behind the extended stored procedures are typically created in a lower-level language...
  13. x32x01

    MSSQL for Pentester: Extracting Juicy Information

    In this post, you will learn how you can extract sensitive sample information stored in MSSQL by using PowerUpSQL and MSSQL. In our previous article, we have mentioned tools and techniques that can be used to enumerate MSSQL Instances. Table of Contents Lab setup PowerupSQL Extracting...
  14. x32x01

    MSSQL for Pentester: Discovery

    Microsoft SQL Server (MS-SQL) is a relational database manager created by Microsoft. Such management systems are used to engage databases with the user. Multiple databases are used in a large enterprise or organisation which leads to a problem of SQL Sprawl. There are various methods to identify...