PowerUpSQL
PowerUpSQL copied to clipboard
NetSPI
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
Because when there is only one credential, it can lead to errors and make it difficult to determine if weak passwords exist.
- Copy paste errors in the description and in the variables - Error in a verbose message
Hi, I'm having issues validating connections to SQL domain instances through a SOCKS proxy (Proxifier on Windows). Does the Test connection process actually needs UDP at all ? Any tips...
how to add audit for who call openqyer and what openquery did called
This PR adds the following enhancements to `Get-SQLServerLinkCrawl`: * Performance increase * Crawling will no longer re-visit traversed links (same server with the same user) * This avoids circular dependencies,...
I spent some time trying to figure out the correct syntax to use with `Get-SqlServerLinkCrawl` to enabled `xp_cmdshell` and run system commands on all the DB on the links, but...
when calling `Invoke-SQLImpersonateService -Verbose -Instance [Instance-Name]` on windows 10 I get the above error. Looks like Caldera had this issue as well and had a pretty good fix for it:...
Im trying to connect from a non-domain joined machine with the following command: ```Get-SQLInstanceDomain -DomainController dc1.domain.local -Username domain\username -Password password123``` It does not show that there are any SQL servers,...
Maybe I am missing something, but the audit seems to look for xp_dirtree and xp_fileexists but not for xp_cmdshell. It is a critical part of the audit, if command execeution...
In essence I want to scan another domain with Get-SQLInstanceDomain, but it doesn't seem to be an argument to target another domain. Is there any other way?
