Script Kiddie is a CTF hosted on Hack the Box with Beginner categories. The objective for the participant is to identify the files user.txt and
In this article, we will learn about multiple ways to get hashes of MSSQL users. Every version of MSSQL has different hashes. We have performed
In this article, we will learn one of many ways to gain persistence in SQL servers. This article is an addition to our MSSQL for
This article is another addition to our MSSQL for Pentesters series. In this article, we will learn how to create a linked server and exploit
In this article, we will learn how to give sysadmin rights to the user who has only fundamental public rights. Technically, we will apply privilege
This article will learn about SQL servers and how to exploit their external scripts to our potential. Table of content Introduction to SQL Server Installation
In this article, we will learn about Impersonate feature that MSSQL servers offer. The earliest implementation of Impersonate was in SQL Server 7.0, released January
In this article, we will learn in detail how to pentest MSSQL servers using the Metasploit framework. Table of content Introduction Information Gathering & Enumeration
In this article, we will learn all about MSSQL command execution with CLR assembly functionality provided by Microsoft and how we can exploit it to