Search Atthacks Menu Home Ethics Statement About Contact Menu Search Search for: Close search Close Menu Home Ethics Statement About Contact Home Ethics Statement About Contact Categories Tools & Scripts MS SQL Security Admin – Priv Esc Post author By Atthacks Post date 14 February 2021 https://github.com/atthacks/mssql-secadmin-privesc
It’s been a while – I have been crazy busy with work and life in general and unfortunately let the blog slip a little. All the plans I want to do are in the pipeline at some point. It’s just a case of finding the time!!
Anyway, today I give you a custom Metasploit module to add to your arsenal. Within MS SQL Server, there is a very easy way to elevate your privileges from the “Security Admin” server role. By default, the “Security Admin” role does not have permission to enable “xp_cmdshell” to allow you to get code execution on the machine. However, you can create new users. The user you create cannot be assigned a permission higher than the “Security Admin” (which makes sense). But what you can do is grant “Control Server