mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-22 12:26:17 +00:00
9.0 KiB
9.0 KiB
MSSQL Server
⚠️ Content of this page has been moved to InternalAllTheThings/cheatsheets/mssql-server-cheatsheet
- Tools
- Identify Instances and Databases
- Identify Sensitive Information
- Linked Database
- Find Trusted Link
- Execute Query Through The Link
- Crawl Links for Instances in the Domain
- Crawl Links for a Specific Instance
- Query Version of Linked Database
- Execute Procedure on Linked Database
- Determine Names of Linked Databases
- Determine All the Tables Names from a Selected Linked Database
- Gather the Top 5 Columns from a Selected Linked Table
- Gather Entries from a Selected Linked Column
- Command Execution via xp_cmdshell
- Extended Stored Procedure
- CLR Assemblies
- OLE Automation
- Agent Jobs
- External Scripts
- Audit Checks
- Find databases that have been configured as trustworthy
- Manual SQL Server Queries
- Query Current User & determine if the user is a sysadmin
- Current Role
- Current DB
- List all tables
- List all databases
- All Logins on Server
- All Database Users for a Database
- List All Sysadmins
- List All Database Roles
- Effective Permissions from the Server
- Effective Permissions from the Database
- Find SQL Server Logins Which can be Impersonated for the Current Database
- Exploiting Impersonation
- Exploiting Nested Impersonation
- MSSQL Accounts and Hashes
- References