xp_cmdshell.py - Githubissues

0xalwayslucky / pentesting-tools

collection of public tools & my own

2 stars 1 forks source link

Closed 0xalwayslucky closed 2 years ago

0xalwayslucky commented 2 years ago

need better way to implement powershell access

escaping with quotes n that is crappy (submitting \ leads to error since " will be escaped) -> not properly built

0xalwayslucky commented 2 years ago

Just use encodedCommand without quotes and ask if -powershell was set

If yes -> b64 encode command before executing sql query