dEEpEst Posted August 25, 2023 Share Posted August 25, 2023 AutoSQL A tool to Enumerate and Exploit SQL Servers in AD Environments Features: Check authentication and roles on current instance as current logged in user. Checks which logins can be impersonated. Allows login impersonation. Allows UNC path injection to grab NET-NTLM hash on Responder or Impacket. Allows command execution test via xp_cmdshell and sp_OACreate procedures on current instance. Checks for linked SQL servers in the domain. Checks access on any linked SQL server. Allows to enable RPC on current instance towards any linked SQL server and enables xp_cmdshell procedure to execute PS Command on remote linked SQL server. This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts