infosecn1nja
/
LOLBAS
mirror of https://github.com/infosecn1nja/LOLBAS.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13 from giMini/master 

SQLToolsPS.exe
master
Oddvar Moe 2018-05-07 08:45:22 +02:00 committed by GitHub
parent 30fb45027f 3a61596571
commit b79fba5226
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
LOLBins.md
View File

@ -79,6 +79,7 @@ If you are missing from the acknowledgement, please let me know (I did not forge
[Rcsi.exe](OtherMSBinaries/Rcsi.md)
[Sqldumper.exe](OtherMSBinaries/Sqldumper.md)
[Sqlps.exe](OtherMSBinaries/Sqlps.md)
[SQLToolsPS.exe](OtherMSBinaries/SQLToolsPS.md)
[Te.exe](OtherMSBinaries/Te.md)
[Tracker.exe](OtherMSBinaries/Tracker.md)
[Vsjitdebugger.exe](OtherMSBinaries/Vsjitdebugger.md)

31
OSBinaries/SQLToolsPS.md Normal file
View File

@ -0,0 +1,31 @@
## SQLToolsPS.exe
* Functions: Execute, evade logging
```
SQLToolsPS.exe -noprofile
```
Acknowledgements:
* Pierre-Alexandre Braeken - @pabraeken
Code sample:
* Downloading & executing a file
```
C:\Users>"C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\SQLToolsPS.exe -noprofile -command Start-Process calc"
```
Resources:
* https://twitter.com/pabraeken/status/993298228840992768
Full path:
```
C:\Program files (x86)\Microsoft SQL Server\130\Tools\Binn\sqlps.exe
```
Notes:
A Powershell host.