MSSQL NetExec Pentesting is an essential technique for red teamers and penetration testers who want to automate attacks against Microsoft SQL Servers. Moreover, NetExec (nxc)
xp_cmdshell command execution is a powerful technique available to penetration testers targeting Microsoft SQL Server environments. Microsoft introduced xp_cmdshell with T-SQL in SQL Server 6.0
In this post, you will learn how will can extract sensitive sample information stored in the mssql by using powerupsql and mssql. In our previous
Extended stored procedures are DLL files that SQL Server references by creating the extended stored procedure, which then points to specific functions or procedures inside
In this article, we will learn about multiple ways to get hashes of MSSQL users. Every version of MSSQL has different hashes. We have performed
In this article, we will learn one of many ways to gain persistence in SQL servers. This article is an addition to our MSSQL for
This article is another addition to our MSSQL for Pentesters series. In this article, we will learn how to create a linked server and exploit
In this article, we will learn how to give sysadmin rights to the user who has only fundamental public rights. Technically, we will apply privilege
This article will learn about SQL servers and how to exploit their external scripts to our potential. Table of content Introduction to SQL Server Installation