MSSQL Server Agent Jobs for Command Execution

preview_player
Показать описание
A companion video to a recent blog post I wrote. Use native MSSQL Server functionality to achieve command execution via a SQL query, in lieu of using xp_cmdshell. Can also be used to schedule persistent command execution, and abused to access other SQL servers (if the account running MSSQL Server Agent has access to them, or if you have ascertained credentials already).

In the video I use an example of a SQL injection condition that also abuses this method to achieve a remote command and control session on a target system.

Here is SQL syntax for creating and running a job, in a one liner for SQLi delviery:
  1. nicholas popovich
  2. SQL Injection
  3. Penetration Testing
  4. MSSQL Server Agent Job
  5. Command Exection
  6. Persistence
Рекомендации по теме
MSSQL Server Agent 0:03:06

MSSQL Server Agent Jobs for Command Execution

Creating SQL Server 0:08:00

Creating SQL Server jobs

How to Create 0:12:53

How to Create Job in SQL Server | Schedule job in SQL Server | Sql Interview Questions

How to Create 0:04:48

How to Create Job in SQL Server | Schedule job in SQL Server

61 Schedule SSIS 0:10:17

61 Schedule SSIS package in SQL Server agent | create sql job to run ssis package

Fix SQL Server 0:02:49

Fix SQL Server Agent is Missing in SQL Server Management Studio

How to Search 0:07:00

How to Search Text in Steps of SQL Server Agent Jobs - SQL Server Tutorial

How To Change 0:14:53

How To Change Job Owner for all JOBS In MS SQL SERVER

Learn SQL SERVER 0:23:57

Learn SQL SERVER Agent in SQL SERVER | How to create Job in SQL SERVER AGENT | SQL

DBA Fundamentals: Maintenance: 0:12:22

DBA Fundamentals: Maintenance: Agent Jobs

SQL Server DBA 0:07:26

SQL Server DBA Tutorial 158-How to Migrate SQL Server Agent Jobs in SQL Server

Different ways to 0:11:42

Different ways to delete or drop Job in SQL Server Agent | Job creation in SQL Agent

SQL Server DBA 0:04:33

SQL Server DBA Tutorial 118-Job Categories Overview in SQL Server Agent

How to Start 0:00:34

How to Start SQL Server Agent - A Beginner's Guide

How To Export 0:02:26

How To Export Job Details and there schedules in SQL Server

Using the SQL 0:02:42

Using the SQL Server Job Activity Monitor

Step by Step 0:17:01

Step by Step Configuration of SQL Server Agent for Multi-Server Administration to Automate Jobs

Get SQL Server 0:10:53

Get SQL Server Agent Jobs List with Schedules in SQL Server - SQL Server Tutorial

Managing SQL Server 0:14:37

Managing SQL Server Agent jobs with Notebook Jobs in Azure Data Studio | Data Exposed: MVP Edition

What is SQL 0:09:53

What is SQL Job | Automate SQL job | SQL Examples | SQL Server agent job

SQL : Create 0:01:29

SQL : Create SQL Server Agent job for stored procedure with input parameter

SQL Server Job 0:03:48

SQL Server Job Scheduler

Call SQL Agent 0:12:42

Call SQL Agent JOB from Procedure | SQL Job through procedure | SQL Agent job Automation

SQL Server DBA 0:03:44

SQL Server DBA Tutorial 31 - Job Categories Overview in SQL Server Agent